VLAN with PAT and 3 networks...I need help with design!

brian.bors · ‎11-29-2012

I've been tasked with a major upgrade to my current network and internet access.

1. I need to have an internal private network with access to the internet. This will be for large meetings, and I'll use a private network with 2048 addresses.

2. I also will have a small publid network with 8 routable addresses for Firewall, Web Server, PAT (NAT overload) for the above Private network internet access.

3. I want to split a class C address into two networks to allow one network (128 addresses) for Guest use that need routable addresses, and a second network (the other 128 addresses) for specific meetings that also need routable addresses.

I have:

I have been issued a router from my ISP. They have allocated me one .248 network with 8 addresses (6 usable) and a full class C network.

A Cisco 1841 router with 2 FA ethernet ports. I would like to use one FA port at the outside (to my ISP router) and the other FA port as my Inside port (to all other networks). I will do NAT Overload.

I also have a Layer 3 Catylist 3750 switch.

Do I need to set up VLANs for each Network?

Can I place my network hardware on the 10 network?

Do I need router sub interfaces for my VLANs and can I PAT on a Subinterface?

Raju Sekharan · ‎11-29-2012

Hi Brian

1. Do I need to set up VLANs for each Network?

Create seperate VLANS for each subnet and do the intervlan routing on 3750

2. Can I place my network hardware on the 10 network?

Yes

3. Do I need router sub interfaces for my VLANs and can I PAT on a Subinterface?

Not required. You can do the intervlan routing on your Layer 3 3750 switch. From 3750 you can point a default-route to the router.

On the router you can perform PAT based on an ACL. Also you need to add Static NAT for your Webserver etc

Thank you

Raju