08-28-2023 03:31 AM
Looking for advice on my current setup workaround:
1. My home network employs a Netgear router that unfortunately lacks VLAN support. This router connects to my ISP.
2. The router's LAN is configured as 192.168.15.0/24 and provides internet access.
3. I've introduced a Cisco 3560 switch into the setup. I connected the gi0/9 port of the Cisco switch to the Netgear router. I enabled IP routing on the Cisco switch and converted the gi0/9 port into a Layer 3 port, assigning it IP 192.168.15.21 (no switchport command).
4. On the Cisco switch, I've set up three VLANs: 10.88.6.0/27, 10.88.7.0/27, and 10.88.3.0/27. Each VLAN has a relevant DHCP pool configured on the switch. Additionally, I've created SVIs (Switch Virtual Interfaces) for each VLAN, with gateways 10.88.3.1, 10.88.6.1, and 10.88.7.1.
5. Since my Netgear router doesn't support VLANs, I can't direct all tagged traffic to the interface connecting to the Netgear router (so no trunking).
6. Instead of trunking, I've implemented NAT overload for the networks 10.88.6.0, 10.88.7.0, and 10.88.3.0 on the inside, and the gi0/9 interface of the Cisco switch on the outside. This translates all addresses to 192.168.15.21, allowing internet access.
7. My question pertains to accessing the VLAN networks (10.88.0.0) from the 192.168.15.0 network. The router's LAN is unaware of the 10.88.0.0 networks.
8. My Netgear router does support static routes. I attempted to add static routes for VLANs 10.88.6.0, 10.88.3.0, and 10.88.7.0, all pointing to the gateway 192.168.15.21 of the Cisco switch's gi0/9 interface. Unfortunately, this approach hasn't yielded success.
Any guidance on resolving this connectivity challenge would be greatly appreciated. Thank you in advance!
#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 192.168.15.21:1024 10.88.3.1:1 192.168.15.22:1 192.168.15.22:1024
icmp 192.168.15.21:1025 10.88.3.1:101 192.168.15.1:101 192.168.15.1:1025
08-28-2023 04:29 AM
Hi @sambobbi
What you can do, since your switch supports NAT, IP routing and Layer 3 interfaces, is not use the Netgear. Your switch is actually acting as a router there.
"7. My question pertains to accessing the VLAN networks (10.88.0.0) from the 192.168.15.0 network. The router's LAN is unaware of the 10.88.0.0 networks."
Does this mean that you have different devices connected to the Netgear that need access to those VLANs, or does the Netgear itself need access to the real IPs of those VLANs?
What you can try is to add a static NAT on the switch and, instead of calling the VLAN's IP address, call the NATted IP address from the Netgear or from the VLAN to the Netgear.
08-28-2023 05:22 AM
You can keep your NETGEAR router. It’s your Internet gateway. It is a good idea to keep it separate from the rest of your local network. Your setup looks almost complete to me. Just disable the NATting on the switch. It is not needed, but you need those static routes on the router. You can also substitute those individual static routes with just one, more general route.
10.88.0.0 255.255.0.0 192.168.15.21 LAN
That will come in handy if you add additional 192.168.x.x subnets.
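Added example (not part of the thread or any poster's configuration): a Python model of the Netgear's longest-prefix route lookup using the addresses from the posts, checking that the single 10.88.0.0 255.255.0.0 route covers the three VLAN subnets and showing that it also captures unused 10.88.x.x space. The "isp" and "connected" next-hop labels and the probe host addresses are constructed for illustration.

```python
import ipaddress as ip

# Addresses taken from the thread.
ROUTER_LAN = ip.ip_network("192.168.15.0/24")
SWITCH_GI0_9 = ip.ip_address("192.168.15.21")
VLANS = [ip.ip_network(n) for n in ("10.88.3.0/27", "10.88.6.0/27", "10.88.7.0/27")]
SUMMARY = ip.ip_network("10.88.0.0/255.255.0.0")

def router_table(static_nets):
    """Netgear routing table: connected LAN, default route, plus static routes.
    The "isp" default next hop is a placeholder label (assumption)."""
    table = [(ROUTER_LAN, "connected"), (ip.ip_network("0.0.0.0/0"), "isp")]
    return table + [(net, str(SWITCH_GI0_9)) for net in static_nets]

def lookup(table, dst):
    """Longest-prefix match: next hop of the most specific route containing dst."""
    dst = ip.ip_address(dst)
    matches = [(net, hop) for net, hop in table if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def summary_is_sane():
    """The summary must cover every VLAN, must not overlap the router LAN,
    and its next hop must be directly reachable on the router LAN."""
    return (all(v.subnet_of(SUMMARY) for v in VLANS)
            and not SUMMARY.overlaps(ROUTER_LAN)
            and SWITCH_GI0_9 in ROUTER_LAN)

def uncovered(static_nets, probes):
    """Probe addresses that would still leave via the default route."""
    table = router_table(static_nets)
    return [p for p in probes if lookup(table, p) == "isp"]

if __name__ == "__main__":
    # Constructed host addresses: one per VLAN plus one in unused 10.88.x.x space.
    probes = ["10.88.3.10", "10.88.6.10", "10.88.7.10", "10.88.200.1"]
    print("sane summary:", summary_is_sane())
    for name, nets in (("none", []), ("per-VLAN", VLANS), ("summary", [SUMMARY])):
        print(name, "-> still sent to ISP:", uncovered(nets, probes))
```

With the summary route, traffic for any 10.88.x.x address, including subnets that do not exist yet, is handed to the switch, so any filtering between the router LAN and the VLANs has to happen on the switch.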