How do I connect my VLANs to the Internet using NAT and the appropriately configured ACL?

How do I connect my VLANs to the Internet using NAT and the appropriately configured ACL?

I have been using private addressing on my VLANS. Now I need to have them connect to the Internet over the router with sub-interfaces already defined. I know that I need NAT, and I know I need to configure the appropriate ACL, but I don't know how. I have tried several ACL combinations but to no success.

From your reply to some other question close to this, you said static route entries have to be provided with the Internet interface IP specified as outgoing address. But I already have all the interfaces as static (directly connected) routes. I'm confused.

    Requires Free Membership to View

    Login

    By submitting your registration information to SearchNetworking.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchNetworking.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Hi Ted,

For all your IPs which are inside your network you can use dynamic NAT, but if you have some servers that need to be accessed from outside, they need to carry a static NAT.

The statement you have mentioned talks about creating a static route pointing towards outside a network so that traffic can go outside. This statement is not related to NAT.

Hope this clarifies.

This was first published in May 2007