Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2796
Views
0
Helpful
5
Replies

assigning a public IP to a L3 switch

saidfrh18
Level 1
Level 1

‎09-18-2012 05:37 PM - edited ‎03-04-2019 05:36 PM

                   Is it possible to assign a L3 switch port with a public IP? How do you rallow data from the Internet to the above port, if possible?

Thanks.

Said

Labels:
0 Helpful
5 Replies 5

Jon Marshall
Hall of Fame
Hall of Fame

‎09-18-2012 05:41 PM

Said

Yes you can assign a pubblic IP to a L3 switch. As far as the switch is concerned it is just another IP address.

Not sure what you mean by how do you allow traffic from the internet to it. Are you trying to give a public IP to a server for example ? If so a more common solution is to use NAT on your internet router/firewall.

Perhaps if you could provide more details in terms of your current setup and what you are trying to do ?

Jon

0 Helpful

saidfrh18
Level 1
Level 1
In response to Jon Marshall

‎09-18-2012 05:52 PM

Thanks Jon,

The above was an interview question.

My thinking is, if you assign a switch port fon a 48 port on a L3 switch with a public IP, then port should be put on a VLAN of its own, yes? If so, how are packets from the Internet routed through the perimeter router and firewall to the above port on the switch?

Thanks.

Said

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to saidfrh18

‎09-18-2012 06:01 PM

Said

If that is the full question then i'm really not sure what they were looking for.

If you assign the IP to the actual port on the switch and not the device connected to the port then you don't need a vlan you can just use -

int gi0/1

no switchport

ip address

the above is a routed port so no need for any vlan config.

As for how are the packets routed this seems a very open ended question. My answer would be "the same way everything else is routed.."   The permeter router would need a route for that IP/subnet pointing to the firewall and the firewall would need a route pointing to the L3 switch.

I'm really not sure what the question is designed to test. As i said in my previous post you don't generally use public IPs on internal equipment, you use private addressing and then use NAT on your firewall to translate private IPs to public IPs.

Was that all there was to the question ?

Jon

0 Helpful

saidfrh18
Level 1
Level 1
In response to Jon Marshall

‎09-18-2012 06:06 PM

The interviewer indicated that he wanted to be able to VPN inside the network.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to saidfrh18

‎09-18-2012 06:11 PM

I'm not sure how allocating a public IP to a specific port on a L3 switch is linked to VPN. L3 switches do not act as VPN endpoints so it can't be that.

Perhaps he mean't allocate a public to a device connected to the L3 switch ?

It's really difficult to give a full answer without having the full context of the question.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card