Hi,

Thank you for your first impression about my post. Please find here in attached a diagram discribing our network topology, I thank you in advence for your help.

Regards.

 Is there a reason your ISP wants you to use the public space block on the inside interface between the router and switch? Are you guys planning to do the NATing on the switch? if not, then NATing can be done on the edge router as well using the private space but in that case it would have to be re-NATed by the ISP. 

No there is no special reason, it is just like this in Algeria her we have only one ISP and it is a public owned communication company, we do plan to do NATing on the switch but it will be in the near future, right now we would like to make the installation run like it is mentioned on the drawing tostart using our Internet connection.

Hi,

Did you talk to your ISP and verify which address space you would be using to connect to them? because this would be dictated by them. Have you started the process of setting up your WAN connection? and if I understand your comments correctly then currently you are only interested in setting up the internet/WAN connection.

You would also need to ask your ISP if they require you run BGP on your end for peering or if you just would be using a static default route pointing to them.

Hi,

Yes I already talked to our ISP, in fact so far and in order to comission the internet connection with our provider we only proceeded with a local test setting the computer used to connect with static adress 41.111.131.154 and the Gateway with 41.111.131.153 before this we set the GE 0/0/0 interface of our router to 192.168.216.46 and  GE 0/0/1 to 41.111.131.153 and yes in fact we are in a hurry and would like to rapidely make internet connection available to our guests for some occasion, this is why I am wondering if there's a simple way of making it possible by setting DHCP service inside our router???

In another hand and based on our ISP feedback we have two static IP adresses we would be using as default route pointing to them.with them.

Hi,

with your current set up you can configure your router ISR4331 as a DHCP server and use any RFC 1918 address (private address space) for the lease pools to assign to internal users. It appears you are using network address 10.x.x.x  for end hosts so you can just define this address space in the lease pool of DHCP server.

Below is a link on how to configure DHCP server on cisco routers/switches:

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/812-cisco-router-dhcp-config.html

Since users would be connected to the switch, your switch would work as dhcp relay agent. If you have multiples vlans on the switch for users then a dhcp relay agent would be configured under each svi. Below is an example:

int vlan xx

ip helper-address x.x.x.x ( replace x.x.x.x with the dhcp server address, which will be 43.x.x.x address on the router)

!

ISR 4331 will also do the NAT for the internal users, so you would be NATing your internal private network to 43.x.x.x interface/address used on ISR 4331.

Something like this on ISR 4331:

ip nat inside source list 1 interface GE 0/0/1

HI,

I think you mean 41.X.X.X on the router isn't it?

Otherwise what if I configure the Wireless controler as DHCP server and set NAT on the ISR4321 router, will it still work, this way in case we would like to add or change IP DHCP Pool we will then proceed on the Wireless Controler fully Web based configurable.

Dear Cofee,

this is to thank you and to have you informed that I sorted out my problem by configuring the two static adresses received from our IPS as LAN ones into a nat pool, I made a DHCP server of my router and programmed NAT for overload and it is working thanks to you and to some help I got from experienced person here in Algeria.

Regards