I have been using private addressing on my VLANS. Now I need to have them connect to the Internet over the router...
with sub-interfaces already defined. I know that I need NAT, and I know I need to configure the appropriate ACL, but I don't know how. I have tried several ACL combinations but to no success.
From your reply to some other question close to this, you said static route entries have to be provided with the Internet interface IP specified as outgoing address. But I already have all the interfaces as static (directly connected) routes. I'm confused.
For all your IPs which are inside your network you can use dynamic NAT, but if you have some servers that need to be accessed from outside, they need to carry a static NAT.
The statement you have mentioned talks about creating a static route pointing towards outside a network so that traffic can go outside. This statement is not related to NAT.
Hope this clarifies.
Dig Deeper on Network Infrastructure
Related Q&A from Sudhanshu Gupta
One difference between managed and unmanaged switches is complexity. A managed switch is more complex and requires more skills, but it offers better ... Continue Reading
Unmanaged Linksys switches don't know where to send BootP and DHCP requests. Find out what to do to fix the problem of unmanaged switches and DHCP ... Continue Reading