
Using ISP network with multiple private spans in a bridged/LAN manner?

ThomsonKrummeck
Level 1

Dear all - this is a bit of a concept question. It seems an obvious and generic requirement, but I can't find a nice, neat and simple solution. Or maybe I can't see the forest for the trees? Help/pointers would be appreciated - the first bit is the connectivity, I'll worry about the security issues once this has been put to bed.

I need a WAN/LAN network with 30 plus nodes. My ISP will supply a nice fibre internet connection per node with fixed public IPs, each node has a /28 span (5 usable public IPs) - so I have the foundation for an 'any to any' network (which I need) via these public IPs. I now need to expand the IP host connectivity behind the ISP-supplied CPE. This expansion needs to be a set of private networks (say) 192.168.x.0/24 - with x being 1 to 30. But I still need the 'any to any' connectivity.

A (rather poor) ASCII picture of what I need:

                                              _________________
                                             |    Internet     |
192.168.1.100/24 <----> ISP CPE/28 <-------> |                 |
192.168.2.100/24 <----> ISP CPE/28 <-------> |                 |
Etc up 'till 192.168.30.100/24               |                 |
                                             |_________________|

The Internet becomes no more than a 30-port switch - with any 192.168.x.y being able to ping any other 192.168.x.y node.

Any takers?

 

1 Reply

chrebert
Level 4

Hello,

Just to make sure I have it correctly, you have several sites each with their own public addresses, which then have a private address range network behind them, and they need to all be able to communicate?

If so, the solution would be site-to-site VPN tunnels. That way each client could communicate with every other client using the private addresses, and all of the traffic going out over the ISP's public network would be encrypted. This would involve a lot of tunnels so you would need a pretty beefy router, but that should give you what you are looking for.

Hope I understood it correctly and this helps,

Christopher Ebert - Advanced Network Support Engineer

Cisco Small Business Support Center

*please rate helpful posts*
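
To size the full mesh of site-to-site tunnels suggested in the reply above, here is an added example (not part of the original thread) that enumerates one tunnel per pair of sites, lists the private subnets each tunnel protects, and rejects overlapping LANs. The public peer addresses are placeholders taken from documentation ranges, and all function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample addressing: the thread gives 192.168.x.0/24 per site;
# the public /28 blocks are placeholders from documentation ranges.
DOC_RANGES = ["198.51.100.0/24", "203.0.113.0/24"]

def build_sites(count):
    """Return {site_id: (public_peer_ip, private_lan)} for sites 1..count."""
    blocks = [b for r in DOC_RANGES
              for b in ipaddress.ip_network(r).subnets(new_prefix=28)]
    if count > len(blocks):
        raise ValueError("not enough placeholder /28 blocks")
    sites = {}
    for x in range(1, count + 1):
        lan = ipaddress.ip_network(f"192.168.{x}.0/24")
        peer = next(iter(blocks[x - 1].hosts()))  # first usable address
        sites[x] = (peer, lan)
    return sites

def check_no_overlap(sites):
    """Traffic selectors are only unambiguous if every site LAN is distinct."""
    for (a, (_, lan_a)), (b, (_, lan_b)) in combinations(sites.items(), 2):
        if lan_a.overlaps(lan_b):
            raise ValueError(f"site {a} and site {b} overlap: {lan_a} / {lan_b}")

def full_mesh(sites):
    """One tunnel per unordered site pair, with the subnets each side protects."""
    check_no_overlap(sites)
    tunnels = []
    for a, b in combinations(sorted(sites), 2):
        (peer_a, lan_a), (peer_b, lan_b) = sites[a], sites[b]
        tunnels.append({"sites": (a, b),
                        "peers": (str(peer_a), str(peer_b)),
                        "protects": (str(lan_a), str(lan_b))})
    return tunnels

def tunnels_per_site(tunnels):
    """Count how many tunnels each site's router has to terminate."""
    counts = {}
    for t in tunnels:
        for s in t["sites"]:
            counts[s] = counts.get(s, 0) + 1
    return counts

if __name__ == "__main__":
    mesh = full_mesh(build_sites(30))
    print(len(mesh), "tunnels in total")
    print(max(tunnels_per_site(mesh).values()), "tunnels per router")
    print(mesh[0])
```

For the 30 sites in the question this gives n(n-1)/2 tunnels overall and n-1 per router, which is the "lot of tunnels" the reply refers to.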