Related to this post:
Anybody setup passthrough mode of the Motorola NVG510 router ATT makes you use with U-Verse to a CISCO 877 or similar, with a block of public addresses they want to use?
It is SOOOOO frustrating that I have to deal with this NVG510. It is NOT a very business class router... I am assuming that I need to put it into "passthrough" mode for the Cisco to be able to manage what happens with my assigned public addresses. If there is another way, let me know!
Here's what I plan to do: I've read the "related to" post above, about putting the NVG510 into passthrough mode, and I plan to do this as it discusses. I'll assume that works for now. But it will assign the router's WAN IP Address to the router's "outside" interface, not one of my private IP addresses. On the Cisco side, here is what I would do:
vlan1 interface is my "inside" private network.
Create vlan2 interface using dhcp to get IP/gateway from the nvg510, or set it up manually, whichever works... This interface will be the "outside" NAT interface. But this interface's address will be the router's WAN address, NOT the first of my 5 public assigned usable addresses...
Here is how it will be setup:
switchport access vlan 2
ip address dhcp
ip nat outside
crypto map xxxx
Then - make it my default NAT interface:
ip nat inside source list 110 interface Vlan2 overload
If I stop there...
I assume I could then NAT ports from my different private addresses to the various servers in my office. But the router won't have an interface with that first assigned-to-me public address. The reason I ask is that we have a site-to-site crypto-map defined, and the interface it is defined on determines the IP Address it will communicate from. I wanted this to be my own assigned public address, not the WAN address of the router... Not sure how I would do that though... Same with the default NAT assigned to vlan2 - by default machine in access list 110 will get to the internet with the WAN address of the nvg510, not my private address.
So, my question for any Cisco guru's out there...
Can I create interface vlan3, somehow linked to vlan2, give it the first private address in my block, and then move the cypto-map to this interface, and also change the default nat to vlan3 now instead of vlan2?
ip nat inside source list 110 interface Vlan3 overload
How would I go about doing such a thing? I am not a Cisco expert, I understand just the basics... This is a bit more complicated than I can figure out. Or maybe it is not possible?
Will I have to, for any computer that needs unsolicited traffic through the internet to use one of my assigned public addresses, to setup a one-to-one NAT for that address to that internal address? And everyone else is stuck using the WAN address. If this is the case, it is not right... What were they thinking when they designed this router and forced us to use it as a business class UVerse customer? This should NOT be so difficult/complicated...
Any comments / suggestions will be most welcome!