Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1618
Views
5
Helpful
7
Replies

Verizon Residential FIOS ONT - L2/L3 Switch - Dynamic PAT

Go to solution
HelpMePleaze
Level 1
Level 1

‎01-26-2022 07:55 PM

I have Internet only Verizon Residential FIOS. The Ethernet port is the active port (instead of the coaxial) on my Verizon Optical Network Terminal (ONT) box because I do not have TV service that uses coaxial connection. 

 

I am trying to interconnect the ONT box's ethernet port and interface GigabitEthernet1/0/1 on my Cisco L2/L3 switch. The Verizon ONT box hands out a single public IP address using DHCP. My goal is to make dynamic PAT to work so that client computers on the inside private IP addressing subnets 192.168.0.0/24 and 172.16.0.0/24 are translated to the single public IP address.

 

Please take a look at my switch configuration (attached) to see what I am missing. Not sure if I am missing a default route or static routes.

 

Any suggestions are welcomed, thank you very much!

Labels:
Preview file
2 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
HelpMePleaze
Level 1
Level 1
In response to Richard Burts

‎01-27-2022 05:53 AM - last edited on ‎01-29-2022 03:35 AM by Community Manager

Hi Richard, 

 

This is a 3750 switch running IP Service license. I was not able to make the

ip nat

working, that's why I am posting this to seek assistance. From the switch, I am able to ping 8.8.8.8 sourcing interface vlan 172 and I see the translation happening

 (show ip nat translation)

for the interface vlan 172 when I do that. However, the client PC is not able to ping 8.8.8.8 and I don't see any translation occurring.

 

my current setup:

ONT <<>> switch <<>> Client PC

 

Do I need to change the setup to

 ONT <<>> router <<>> switch <<>> Client PC?

 

View solution in original post

0 Helpful
7 Replies 7

Go to solution
paul driver
VIP
VIP

‎01-27-2022 12:19 AM - edited ‎01-27-2022 12:20 AM

Hello
Your configuration looks okay for PAT , Would suggest as this rtr is internet facing that you also hardened down the rtr possible with ZBFW or at least CBAC  


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to paul driver

‎01-27-2022 12:39 AM - last edited on ‎01-29-2022 03:34 AM by Community Manager

I would like to know what device this is. The original post describes it as L2/L3 switch. In general Cisco switches do not support nat. But the config does contain

 nat

commands. Can you check and see if

 nat

is really working?

HTH

Rick
0 Helpful

Go to solution
HelpMePleaze
Level 1
Level 1
In response to Richard Burts

‎01-27-2022 05:53 AM - last edited on ‎01-29-2022 03:35 AM by Community Manager

Hi Richard, 

 

This is a 3750 switch running IP Service license. I was not able to make the

ip nat

working, that's why I am posting this to seek assistance. From the switch, I am able to ping 8.8.8.8 sourcing interface vlan 172 and I see the translation happening

 (show ip nat translation)

for the interface vlan 172 when I do that. However, the client PC is not able to ping 8.8.8.8 and I don't see any translation occurring.

 

my current setup:

ONT <<>> switch <<>> Client PC

 

Do I need to change the setup to

 ONT <<>> router <<>> switch <<>> Client PC?

 

0 Helpful

Go to solution
HelpMePleaze
Level 1
Level 1
In response to paul driver

‎01-27-2022 05:32 AM

Thanks Paul for the suggestion. I am currently only using a L2/L3 switch. I may need to acquire a router to enable ZBFW.

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎01-27-2022 12:53 AM

Hello,

 

what was connected to the ONT box before, a Verizon router ? Is your GigabitEthernet1/0/1 interface actually acquiring a valid DHCP IP address ?

0 Helpful

Go to solution
HelpMePleaze
Level 1
Level 1
In response to Georg Pauwen

‎01-27-2022 05:57 AM

George, yes the interface GigabitEthernet1/0/1 does acquire a valid public DHCP IP address

0 Helpful

Go to solution
paul driver
VIP
VIP

‎01-27-2022 07:11 AM - last edited on ‎01-29-2022 03:37 AM by Community Manager

Hello

@HelpMePleaze wrote:

my current setup:

ONT <<>> switch <<>> Client PC



Do I need to change the setup to

 ONT <<>> router <<>> switch <<>> Client PC?

 

Yes - As

 Nat

isn't supported on 3750 switches so you would require a router in-between the ONT and the 3750 just like you have shown above

 

 

@HelpMePleaze wrote:

 
From the switch, I am able to ping 8.8.8.8 sourcing interface vlan 172 and I see the translation happening 

(show ip nat translation)

for the interface vlan 172 when I do that

I assume this is after you've introduced the rtr  in-between the ONT and the switch, or are you getting the nat table off the ONT device?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card