03-11-2013 05:10 PM
Hello all, can anyone tell me if there are any small business routers that offer one-to-one NAT?
Here is what I need to do: I have several public IP addresses assigned to me by CenturyLink. I have two servers that provide email and web hosting for two different domains. I want to put the client machines on one VLAN (VLAN Z) and assign it a public IP address (to keep server traffic separate). I want to put each server on its own VLAN (VLANs X & Y) and assign each server its own public IP address. I need the router to be able to provide a firewall and port forwarding for each VLAN. I also need to be able to route traffic between VLANs so the clients on VLAN Z can access their email and the websites on VLANs X and Y. I also need to be able to route DNS traffic between VLANs so each server can provide name resolution for their respective domains.
So, is this possible with a small business router or do I need to look at something different? I'm fairly certain this configuration is not possible with my current Cisco RVS4000. What it boils down to is I need a router that is capable of having multiple public IP addresses on the same interface and to forward those public addresses to private VLAN subnets. This would be one-to-one NAT if I understand it correctly...right?
Any help is greatly appreciated!
Solved! Go to Solution.
03-11-2013 05:38 PM
Hi Taylor, thanks for using our forum, my name is Johnnatan and I am part of the Small business Support community. I´ve seen your post and I was looking for some devices that could help you, these small business router support the feature you were wanting, the one-to-one nat, also the routing features, you see the list of the Rv routers here
http://www.cisco.com/en/US/products/ps9923/products_data_sheets_list.html
I selected two models that could be useful for you:
Rv180
http://www.cisco.com/en/US/prod/collateral/routers/ps10907/ps9923/ps11995/c78-697397_data_sheet.html
Rv220
http://www.cisco.com/en/US/prod/collateral/routers/ps9923/ps11025/data_sheet_c78-630461.html
I hope you find this answer useful,
*Please mark the question as Answered or rate it so other users can benefit from it*
Greetings,
Johnnatan Rodriguez Miranda.
Cisco Network Support Engineer.
03-11-2013 05:38 PM
Hi Taylor, thanks for using our forum, my name is Johnnatan and I am part of the Small business Support community. I´ve seen your post and I was looking for some devices that could help you, these small business router support the feature you were wanting, the one-to-one nat, also the routing features, you see the list of the Rv routers here
http://www.cisco.com/en/US/products/ps9923/products_data_sheets_list.html
I selected two models that could be useful for you:
Rv180
http://www.cisco.com/en/US/prod/collateral/routers/ps10907/ps9923/ps11995/c78-697397_data_sheet.html
Rv220
http://www.cisco.com/en/US/prod/collateral/routers/ps9923/ps11025/data_sheet_c78-630461.html
I hope you find this answer useful,
*Please mark the question as Answered or rate it so other users can benefit from it*
Greetings,
Johnnatan Rodriguez Miranda.
Cisco Network Support Engineer.
03-11-2013 06:34 PM
Jonathan, in the RV220W admin guide, on page 50 it says that one-to-one NAT is only available on VLAN1. Does that mean that I can only have one public IP address for this router?
If I put the router in "router" mode does that allow me to have additional one-to-one NAT capability?
Thanks,
Taylor
03-12-2013 04:31 PM
Hi Taylor,
I have several RV220Ws deployed and am currently using "One-to-one NAT" to forward multiple external IP addresses to multiple unique interal IP addresses. I do recall that the "One-to-one NAT" configuration is rather confusing to setup on the newer RV series but it does work. IMHO the RV082 has the most straight forward interface and everything since then has gotten more and more confusing.
Kevin
03-12-2013 04:42 PM
Just logged on to one of the RV220s that is doing One-to-one NAT and remembered why it was confusing.
One-to-One NAT is under Advanced Settings and requires you to specify a service to forward. It then auto-creates all the required port forwarding and access rules to allow the service to go through.
On the older routers (RV082) One-to-one NAT only specifies the External and Internal IP. It is then up to the user to create the necessary Access Rules preventing all ports from being open. No Port Forwarding is required as everything going to the External address is either sent to the Internal address or discarded depending on the Access Rules.
Hope this helps.
03-13-2013 06:50 PM
Hi Kevin,
Thanks for the info! I currently have an RVS4000 and it appears I can create inbound rules on that as well. Unfortunately, it did not work for me.
I have to setup a device with a static IP in order to get traffic from the internet. On my DSL modem, I have a built-in switch and if I plug a device into it, and assign it a static IP address from my reserved block, then I can ping it and see it from the internet. Without a device that has an explicit IP address, I cannot get traffic to it. Does that make sense?
As I have it right now, my current RVS4000 is plugged into my modem and has a static IP address of #.#.#.33. I need an additional interface to assign #.#.#.34 in order for it to be recognized on the internet. CenturyLink doesn't automatically send all traffic to my modem unless an IP address is assigned. Is that possible on the RV220W or any other small biz router? That is considered one-to-one NAT, right?
Taylor
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide