Can Cisco 3350 L3 switch be configured with different vlans and each vlan use its own public IP address to get to the internet.
My goal is to give each vlan a public IP address .Basically this is a shared accommodation and each vlan/office is an independent office. Hosts in one vlan doesn’t required to talk to the hosts in another vlan but all hosts need internet.
Hosts will communicate within a office/vlan by using LAN ip addressing but will use public IP address ( NATing) to go on internet.
I have public 128 IP addresses in hand which can be assigned to offices/vlans. Each office/Vlan need to be identified with a unique public IP address.
I guess I need to do sub-netting on my public IP address block and assign a each vlan with /32 mask. ( I don’t know how......)
Cisco PIX will be configured to do Nating. But switches need to be configured to represent vlan with public IP.
I was thinking to create a loopback address for each vlan with /32 mask and use that interface for NATing /PATing.
Any recommendations please ? Can any other design be used to achieve the same result?
Thanks for the response.
For some reason, sales people have agreed this design with customer and ordered a block of 128 ip addresses for this. Another reason is that as this is a shared building ,each offfice in a building will have their own mail/ ftp/web servers which requires a public IP's anyway to run their web based services.
I have 30 offices in a building and all offices will use the same internet connection (10MB). All offices will use PIX and 4x 3550 L3 switches.
Switch managment is not a issue at the moment as once I am telneted/ssh'ed into PIX , I will hop over to switches via PIX.
Can Vlan inerface be used with a secondary IP addess, primary ip will be the vlan subnet ip and secondary IP will be the one of the public IP. All PC's with the vlan will use public IP as a gateway to internet ? not sure if this is possible, may natiing will not required in this case.
Vlan 10 - ip range 172.16.10.0./24
vlan int 10
ip address 172.16.10.1 255.255.255.0
ip address 81.54.66.x 255.255.255.255 secondary
Host in the vlan will have a gateway of 81.54.66.x
Can you think of any other design options to make it work ?
Let concentrate with single office design as you have common infrastructure in 30 offices.As you said all office will use a pix with 4*3550 switches, so what i would suggest for accessing the internet for office users you can have two option either create proxy server and nat that server on pix for internet connectivity and browsing purpose or make natting configuration on pix interface to do the same as 3550 switches are not having the natting funcationality.
For easy design just try to acehive the task with pix and l3 switch,that why i am not preferring secondary ip address concept.
Hope to Help !!
Remember to rate the helpful post