inter net access by defferent vlan

Unanswered Question
Nov 6th, 2008


hi create different vlan 10,20, 30 ,40,50,60.they r not communicate each other vlan with vlan i want to access internet each of vlan.

note:swith can capable to ping my dns

please give me some solution

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Thu, 11/06/2008 - 02:00

Hello Arup,

you can think to use multiple separated NAT pools one for each Vlan or to use only one.

Example with PAT over the wan interface

access-list 11 remark all vlans

access-list 11 permit vlan10.ipsubnet wildcard


access-list 11 permit vlan60.ipsubnet wildcard

on all vlan interfaces

int vlan x

ip nat inside

on interface to the internet

int vlan y

ip nat outside

ip nat source inside list 11 vlany overload

this is the simplest solution with PAT used on the public ip address of the wan interface

Try to implement this.

Hope to help


arupbiet2006 Thu, 11/06/2008 - 02:58

hi Giuseppe

thanking you for reply .this configuration should be in router.

Giuseppe Larosa Thu, 11/06/2008 - 22:09

Hello Arup,

you can easily move the config on router

where you see

int vlan x

ip nat inside

change in the appropriate Vlan subifs

int f0/0.x

ip nat inside

If the router is after a L3 switch its inside interface will be only one for all of your vlans

Hope to help



This Discussion