hello friends. this seems silly but i have this major confusion in my mind that i need you fellas to answer
Here is the scenario, i have one 5800 series wireless LAN controller and 16 APs, i created 3 Vlans one for APs One for Corporate and third Vlan for guests, specificlly vlan 10, 20, and 30, i have also created their interfaces, as interface vlan 10 , 20 and 30 respectively. i have configured DCHP for on switch which is backbone of a network and on dhcp i have assigned the addresses as 10.10.10.0/24 for vlan 10. 126.96.36.199/24 for vlan 20 and 188.8.131.52/24 for vlan 30 now interface vlan ip address for int vlan 10 is 10.10.10.1 and for 20 is 184.108.40.206 and for 30 is 220.127.116.11 in order to make them communicate i will have assigned virtual interface's ip address to its specific vlan , i.e 10.10.10.1 default router for vlan 10. 18.104.22.168 for vlan 20 and 22.214.171.124 for vlan 30 now this is the communication for within my local network , now i have a router that is connected to this core switch where i have created all the vlans and interfaces to those vlans, that router is connecting me to outer world. whose ip address is suppose 192.168.1.1 ,
now i need to provide internet access to all the clients in vlan 20 and 30 , what will have to do there on switch since i have configured the default router's addresses for each vlan already ,now i will have to assign dns address provided by isp only ? do i need to enable routing there ,on switch ? what additional steps do to provide internet access to my clients, the major confusion is that we use our router's ip address as default gateway but didnt i used interface vlan's ip address as default gateway for each vlans already? please i need your assistence in this regard in simple words.
The problem you have is the switch wont support Network Address Translation as if it did it would be a simple step to enable nat for your newly created vlans and they would gain internet access.
Do you have access to the wan rtr -and if so does it support sub-interfaces?
If the answer is yes then its possible to create the routing for your new vlans on that rtr and amend the dhcp and nat also, Then just have your switch running has a host switch with a trunk link into the wan rtr.
Any possible solution would be to install an additional rtr (rtr2) between the wan rtr1 and your L3 switch
Have rtr2 wan interface connect to the wan rtr1 lan interface on 192.168.1.0/x wilh a default route, then create the sub-interfaces on rtr2 lan interface and connect to your L3 switch.to it
Enable Nat, dhcp and you should be good to go
Thankyou sir for your responce , actually i dont have a router in my design, i dont think so i will have a trunk configured with isp's router, i have 3850 switch and router or modem that i think ISP will install a router or modem only for internet service, so i wont have any access to their router , i am only concerned with the configuration of my switch, that will be connected to isp's router in my building's permesis, i dont think 3850 supports nat, there will be 6 layer 2 2960 switches located on different areas and will have vlans, i want to create atleast 3 vlans and one vlan will have to get full speed and minimum delay, what configuration do i need should i put there on switch if its connected to isp's router/modem , i think they will do the nating for my internal network,?
what will be the configuration on switch i mean i have already assigned the interfaces of vlans as their default gateway respectively, do i need to put their ip default gateway 0.0.0.0 0.0.0.0 router's ip address? if i do this i will have to disable ip routing on layer 3 switch which is my core and i want 2 vlans to communicate between eachother as of now.
Without a managed RTR/FW yourself then you are reliant on the ISP and what you negotiate with then regards these vlans, and the other important things like security -but either way they will be performing the NAT.
It could be that the ISP let you do this- In which case you will have ip routing enabled on the distribution switch ( the switch connected to isp and all other switches) with a default route pointing towards the ISP next hop.address.
If they do it, - Then the distribution switch will become a host switch in that no ip routing is enabled and it will have a default-gateway pointing to your providers next hop address.
Once you've done that, then your others switches can be interconnect via trunks from the various parts of the building to the distribution switch.
Intervlan routing is done internally on distribution switch, i dont think ISP has to do anything with what i do locally in my network, last thing , i will create intervlan routing for different subnets and then i will have to enable routing, after that i must configure the mls to use a default gateway that will point my network to ISPs router? Is that correct
As I have stated -yes you can have th distribution switch perform the inter-vlan routing but without a rtr your internal vlans won't get anywhere externally-