Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1326
Views
0
Helpful
2
Replies

same subnet on both WAN and LAN interface

robertsouthgate
Level 1
Level 1

‎10-15-2014 01:30 AM - edited ‎03-04-2019 11:58 PM

Hi,

 

I have a backup ADSL connection on a Cisco 1921 and have a block of 8 IPs from the my ISP. -

 

Is it possibe to assign one of the static IPs to the LAN interface of the router, which will then connect to a different firewall/router to do NAT?, i.e. so that the router is simply passing through the connection and not doing any kind of NAT, or do I need a separate routeable IP range from my ISP for this to work?

Labels:
0 Helpful
2 Replies 2

Mario Grozdanovic
Level 1
Level 1

‎10-15-2014 07:02 AM

Hi robertsouthgate,

 

You can do that however, you will need to take you block of 8 and subnet it further to a /30. This would reduce your usable IPs. 

Another option would be if you are just looking for a pass through, to replace the router with a switch and just connect your Firewall to that. Not knowing what your ultimate goal is, that may work for you. 

 

-Mario

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Mario Grozdanovic

‎10-15-2014 07:54 AM

It sounds like the ISP has given the original poster a block of /29. This suggests that the ISP intends that the block be used for external connectivity and for address translation to be done on the router that connects to the ISP. It sounds like the original poster wants to do something different but I am not clear exactly what that is. If there is a router in some other part of the network where he wants to do address translation with these addresses would that traffic then be forwarded out of the network through some other exit point or would it be forwarded out using the 1921?

 

If some other router is doing translation with these addresses and sending the traffic out some other exit point then he introduces asymmetric routing since the return traffic will come through this ISP and the 1921.

 

Mario makes a reasonable suggestion about subnetting the address block. The original poster could take the /29 assigned by the ISP and create two /30 subnets which would allow him to have a public address on the WAN and a public address on the LAN, and allow the connected router to have a public address. This would allow the other router to PAT the outbound traffic.

 

The original post asked about the possibility of putting an address from the assigned block onto the LAN interface. Aside from the possibility of subnetting the block the other possibility to provide a public address on the LAN would be to configure bridging and to have the bridge group include both the WAN and LAN interface. But if he wants to do this the original poster would be better advised to put a switch onto that connection rather than the 1921.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card