Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3299
Views
0
Helpful
4
Replies

RV180 NAT five STATIC IPs to 5 VLAN subnets?

gpzilla89
Level 1
Level 1

‎02-06-2013 10:49 AM

I have five static IPs that I would like to fully utilize, by NAT'ing them to internal VLAN subnets.

I read that the RV180 can do this, but I am having difficulty in finding a working recipe.

I have assigned xxx.xxx.xxx.2 to the RV180 WAN interface.

I have created four additional VLANs 2-5 and assigned to ports 1-4 with subnet interfaces 192.168.2.254, 192.168.3.254, 192.168.4.254. and 192.168.5.254

I have set the default VLAN to untagged on all ports. VLANs 2-5 are set to tagged for their respective port (1-4) and exclude for other ports.

I have set DHCP relays to 192.168.1.202 which is my DHCP, DNS, AD services.

I read some months ago that when the first static IP address is assigned to the WAN port, that the VLAN ports will accept tagged packets on their ports and NAT them to the respective successive static IP (sounds a bit like magic to me). Regardless, I read that the RV180 can provide VLAN subnet NAT to up to 5 static IP address. I am not looking for 1 to 1 NAT, not the same.  I want to perform NAT on the four additional VLANs in the similar manner that VLAN 1 (default DMZ) IPs are NAT'd to the static WAN address. As in everything outbound on 192.168.1.0 is NAT'd to xxx.xxx.xxx.2

Additionally I would like all DHCP assigned by my DHCP server which I believe is accomplished with the DHCP relay setting on all five VLAN subnets, which point to the DHCP server 192.168.1.202

Lastly, I am trying to configure VPN connectivity into my DMZ network. I have configured a few accounts, enabled for PPTP. I have configured PPTP and am issuing 192.168.1.70-80. The VPN connection seems to work great without the use of Cisco quick VPN. I can see the remote picking up the 192.168.1.71 IP address as the VPN connection is made. From the remote I can ping IP addresses on the DMZ subnet 192.168.1.X   How can I configurer the Cisco RV180 PPTP server to provide the DMZ DNS ipaddresses? These addresses need to be 192.168.1.201 and 192.168.1.202

I feel I am almost there, but need some help in working out the VLAN subnet to Static NAT. I suspect it will be some routing configurations. The ISP business gateway on the WAN side that I point my router to which is owned by Verizon, is xxx.xxx.xxx.1    I have a /29 making IPs xxx.xxx.xxx.2-6  available to me.

Thanks.

Labels:
Preview file
64 KB
0 Helpful
4 Replies 4

jonatrod
Level 7
Level 7

‎02-15-2013 07:26 AM

Good morning

Hi dan, thanks for using our forum, my name is Johnnatan and I am part of the Small business Support community. I,ve seen your post and I´m a little curious about your configuration, I was wondering if could you share your topology, a picture is worth a thousand words, another form of configuration is the “port-forwarding”, you could map your ip´s to a specific port

I hope you find this answer useful,

*Please mark the question as Answered or rate it so other users can benefit from it"

Greetings,

Johnnatan Rodriguez Miranda.

Cisco Network Support Engineer.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.
0 Helpful

jonatrod
Level 7
Level 7

‎02-15-2013 09:13 AM

Hi again dan, I read one more time your post and I noticed that you are using a VPN remote access using PPTP, do you have also problems with the VPN or just you have problems with the DNS? I was wondering of could you share a picture with the community, so in this way we could help you in a better way

Greetings and have a nice weekend!!!.

Johnnatan Rodríguez Miranda.

Cisco Network Support Engineer.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.
0 Helpful

gpzilla89
Level 1
Level 1
In response to jonatrod

‎02-15-2013 01:37 PM

VPN is working fine. I am needing to NAT the four LAN Port VLAN(2,3,4,5) subnets (192.168.2-5.254/24) to WAN side IP addresses xxx.xxx.xxx.3-6/29.  xxx.xxx.xxx.2/29 is already NATing IPs from the default VLAN interface 192.168.1.254.

0 Helpful

jonatrod
Level 7
Level 7
In response to gpzilla89

‎02-26-2013 08:15 AM

Hi Dan, what you can implement is a secure network address translation (SNAT), You can configure SNAT to map a public IP address (your Dedicated WAN address, Optional WAN address, or another address) to an IP address on your private network. You can configure this feature using this document, on page 83 in firewall section,

I hope you find this answer useful,

*Please mark the question as Answered or rate it so other users can benefit from it"

Greetings,

Johnnatan Rodriguez Miranda.

Cisco Network Support Engineer.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.
0 Helpful
Customers Also Viewed These Support Documents