Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2312
Views
0
Helpful
8
Replies

Router multiple interfaces

compiled
Level 1
Level 1

‎03-29-2021 03:10 PM

Need to know the best way to route multiple interfaces.

 

I have a router with 4 interfaces one outside and three inside.

 

100.100.100.1 outside wan internet interface

10.1.1.1 inside lan interface

10.1.2.1 inside lan interface 

10.1.3.1 inside lan interface 

 

Currently I can see and ping all interfaces of the router from any of the interfaces.

 

however, I need the lan interfaces to see each other and all the devices connected to each of the lan interfaces.  I can static nat inside sources from the wan to each of the lan interfaces. I just can’t communicate to devices from each lan interface to another lan interface.  I also would like the gateway on each of the interfaces to be the actual interface IP address.  What is the best practice to make this work?

Labels:
0 Helpful
8 Replies 8

balaji.bandi
Hall of Fame
Hall of Fame

‎03-29-2021 08:14 PM

I can static nat inside sources from the wan to each of the lan interfaces.

 

BB - you mean static NAT, do you have enough Public IP Address to do NAT ?

 

I just can’t communicate to devices from each lan interface to another lan interface.

 

BB - depends on config, you have set ACL all to NAT using outside interface, everything is nated, you can do NAT excempt from isnide 1 to inside 2 if you like Lan side.

 

 

 I also would like the gateway on each of the interfaces to be the actual interface IP address.  What is the best practice to make this work?

 

BB - you can set Local IP address for inside example 10.1.1.1   ( and you can map this to Public IP address when it going out) - is this what you looking?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

compiled
Level 1
Level 1
In response to balaji.bandi

‎03-29-2021 11:21 PM

Below is the basic config I just need the inside lan's to have access to each other

 

interface GigabitEthernet0/0/0
description Internet
ip address 100.100.100.2 255.255.255.240
ip nat outside
negotiation auto
!
interface GigabitEthernet0/0/1
description Interface 1
ip address 10.3.1.1 255.255.255.0
ip nat inside
negotiation auto
!
interface GigabitEthernet0/0/2
description Interface 2
ip address 10.3.2.1 255.255.255.0
ip nat inside
negotiation auto
!
interface GigabitEthernet0/0/3
description Interface 3
ip address 10.3.3.1 255.255.255.0
ip nat inside
negotiation auto
!
ip nat inside source list 1 interface GigabitEthernet0/0/0 overload
ip route 0.0.0.0 0.0.0.0 100.100.100.1
!
access-list 1 permit 10.3.1.0 0.0.0.255
access-list 1 permit 10.3.2.0 0.0.0.255
access-list 1 permit 10.3.3.0 0.0.0.255

0 Helpful

Georg Pauwen
VIP
VIP
In response to compiled

‎03-29-2021 11:48 PM

Hello,

 

not sure I understand what you are asking. From which source IP addresses do you want access to all inside interfaces ?

0 Helpful

compiled
Level 1
Level 1
In response to Georg Pauwen

‎03-30-2021 12:03 AM

10.3.1.1 to 10.3.1.255 needs to have access to 10.3.2.1 to 10.3.2.255. For an example once I get on network talking to another I can figure out the rest.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to compiled

‎03-30-2021 03:57 AM

They are same inside Interface, what is the issue you see here ? when the devie 10.3.1.X network try to reach 10.3.2.X ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Georg Pauwen
VIP
VIP
In response to compiled

‎03-30-2021 04:09 AM

Post a schematic drawing of your topology, showing where the hosts are, and how they are connected to the router.

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to compiled

‎03-30-2021 07:27 AM - edited ‎03-30-2021 07:28 AM

Hello @compiled,

 

NAT operation is triggered when going from an ip nat inside interface to an ip nat outside interface.

In your case traffic between internal LAN interfaces should still happen without the risk to trigger NAT as all of them are IP NAT inside interfaces.

 

If you want to create a more self-explaining configuration you can use:

 

access-list 123 deny ip 10.3.0.0 0.0.3.255 10.3.0.0 0.0.3.255

access-list 123 permit ip 10.3.0.0 0.0.3.255 any

 

route-map NAT permit 10

match address 123

 

no ip nat inside source list 1 interface GigabitEthernet0/0/0 overload

ip nat inside source route-map NAT interface GigabitEthernet0/0/0 overload

 

Hope to help

Giuseppe

 

0 Helpful

paul driver
VIP
VIP
In response to compiled

‎03-30-2021 07:41 AM

Hello
You don’t provide enough information as to the over all design however looking at what you have posted in relation to using 3 physical interfaces on the rtr for your lan, Then the lan switch(s) that connect directly to each of those rtr interfaces need to be in the same ip address range of either rtr interface, Thus providing a routed access layer design which means you cannot extend any layer 2 vlans across those switches, using the example below should establish connectivity between your lan subnets

 

 

Example:
switch a -  ( all access ports in vlan 11)
interface vlan 11
ip address 10.3.1.10 255.255.255.0

ip default-gateway 10.3.1.1

 

switch b - ( all access ports in vlan 12)
interface vlan 12
ip address 10.3.2.10 255.255.255.0

ip default-gateway 10.3.2.1

 

 

switch c -
interface vlan 13 ( all access ports in vlan 13)
ip address 10.3.3.10 255.255.255.0

ip default-gateway 10.3.3.1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents