Hi Jon, Thanks for this. This makes a lot of sense. I noted taht you said if I use STATIC NAT then I can get rid of the Dynamic NAT/PAT. I am a little stuck on what the Config might look like. Would it just be : ip nat inside source static 10.5.1.x 172.16.1.250 what about Nating outside into VLAN1 on 172.16.1.250? Would this still work? ... View more

Hi Reza, Thanks for that. I had actually come across that document and it was really helpful. Appreciate your adive on VLAN1 - its a old network config that I have picked up and we are beginning to slowly migrate out of VLAN1...a bit of a slow process but getting there! After doing some more research, I think STATIC NAT is the way to go..just a bit unsure. Below is the parts of my config that are maybe relevant. interface Vlan205 description Infrastructure_Subnet ip address 10.1.5.254 255.255.255.0 ip helper-address 10.0.3.100 ip nat inside interface Vlan1 description Legacy_VLAN ip nat outside access-list 1 permit 10.1.5.0 0.0.0.255 ip nat pool ucasinfpool 172.16.1.250 172.16.1.250 prefix 24 ip nat inside source list 1 pool ucasinfpool overload ... View more

version 12.2 ! no logging buffered ! ip subnet-zero ip cef ! ip name-server 192.12.72.109 ip name-server 128.86.8.25 ip name-server 138.38.32.3 ip name-server 138.38.146.21 ip name-server 141.163.1.250 ! no call rsvp-sync ! interface FastEthernet0/0 description Link to External Switch ip address 194.80.x.x 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/0.1 description Guest_Access VLAN encapsulation dot1Q 10 ip address 20.0.0.50 255.0.0.0 ! interface FastEthernet0/1 description Link to ISP ip address 194.82.x.x4 255.255.255.252 duplex auto speed auto ! ip classless ip route 0.0.0.0 0.0.0.0 194.82.x.x3 ip http server ip http authentication local ! ntp clock-period 17179766 ntp server 194.82.125.73 ... View more

Hi Mark, Thanks for your response. I have just been on the CCNA course, so trying to remember all the commands. The command: ip nat pool mypool 194.x.x.x 194.x.x.x prefix 30 Would that be the ip address of the External Router? ... View more

That could be the problem. there is no device handling any NAT translations. Any suggestions on what I could use and where in the link it would fit? ... View more

There are no ACL issues - its a basic router config. But I can ping the 10.0.0.101 address which has been assigned to my laptop over the wrieless network. Would it help if I sent you an amended copy of my router config? ... View more

No firewall. Its just straight internet connectivity via the router to the internet. ... View more

Hi dennischolmes, Thanks for your reply, i have tried to create an interface on the controller as you suggested. however I get the following error " Error in setting VLAN and port. Cannot have multiple untagged dynamic interface on the same port" was ondering if you could shed any light on that error. Trying to setup the Trunk port on the 2950 switch, it won't allow me to set the encapsulation dot1q - is this down to the software version of the switch? ... View more