Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Using ISP network with multiple private spans in a bridged/LAN manner?

Dear all - this is a bit a of concept question. But it seems an obvious and generic requirement - but I can't find a nice, neat and simple solution? Or maybe I can't see the forest for the trees? Help/pointers would be appreciated - the first bit is the connectivity, I'll worry about the security issues once this has been put to bed. 

I need a WAN/LAN network with 30 plus nodes. My IPS will supply a nice fibre internet connection per node with fixed public IP's, each node has a /28 span (5 usable Public IPs) - so I have the foundation for an 'any to any' network (which I need) via these public IPs. I now need to expand the IP host connectivity behind the ISP supplied CPE. This expansions needs to be a set of private networks (say) 192.168.x.0/24 - with x being 1 to 30. - But I still need the 'any to any' connectivity. 

A (rather poor) ascii picture of what I need:

'                                                                   _________________

'                                                                   |          Internet         |

192.168.1.100/24 <---->ISP CPE/28 <-------> |                               |

192.168.2.100/24 <---->ISP CPE/28 <-------> |                               |

Etc up 'till 192.168.30.100/24                        |                               |

                                                                    |_________________|

The Internet becomes no more than a 30 port switch - with any 192.168.x.y being able to ping any other 192.168.x.y node

Any takers?

 

1 REPLY
Silver

Hello,Just to make sure I

Hello,

Just to make sure I have it correctly, you have several sites each with their own public addresses, which then have a private address range network behind them, and they need to all be able to communicate?

If so the solution would be site-to-site VPN tunnels.  That way each client could communicate with every other client using the private addresses, and all of the traffic going out over the ISPs public network would be encrypted.  This would involve a lot of tunnels so you would need a pretty beefy router, but that should give you what you are looking for.

Hope I understood it correctly and this helps,

Christopher Ebert - Advanced Network Support Engineer

Cisco Small Business Support Center

*please rate helpful posts*

41
Views
0
Helpful
1
Replies
CreatePlease to create content