How to build up a multi-nets network via Multi-Nets NAT feature on TP-Link router with L2+/L3 switches?
By default settings, TP-Link SMB router abandons packets whose source IP addresses are in different subnets from its LAN IP segment. But it occurs that we may need to divide an internal network into several subnets that share the same gateway router for Internet connection. In order to achieve this, the gateway router is required to be able to translate (NAT) and deliver packets from LAN, but whose source IP addresses are in different subnets from LAN IP segment.
Multi-Nets NAT function can help TP-Link SMB router provide NAT translation for multiple subnets. And in order to divide an internal network into several subnets, a L2+/L3 switch is needed.
Let’s take an example to explain in detail. A company has three departments in a building, Marketing, Finance and Personnel. Each department is assigned to an individual subnet. The requirements are as followings:
1) All the departments should be able to communicate with each other.
2) Three departments need to access Internet via the same gateway router.
Marketing department is 172.16.10.0/24 subnet segment, and Finance is 172.16.20.0/24. For Personnel department, they are within 172.16.30.0/24 subnet segment.
As the topology picture shows above, in this application scenario, we use TL-ER6120 v2 and T2600G-28TS v3 as configuration example.
Note: For other models’ different hardware versions, there may be different UI. But the configuration process of different UI is the SAME as the example’s UI basically, like:
Here in this example For TL-ER6120 v2:
Go to Transmission---->NAT---->Multi-Nets NAT, Click Add. Add Multi-nets NAT entries for the three departments: Marketing, Finance and Personnel as below. Noted that the Interface is WAN1 because now we want these subnets segments to access Internet via WAN1 and Source IP Range is the corresponding department’s subnet segment.
Add a Static Route entry respectively for Marketing, Finance and Personnel:
It is necessary for TL-ER6120 v2 to configure static routing to know where to deliver the packets to IP addresses in different subnets (172.16.10.0/24, 172.16.20.0/24 and 172.16.30.0/24). Go to Transmission---->Routing---->Static Routing. Add the following entries. Next Hop we fill in 192.168.0.126 which is interface IP of T2600G-28TS v3, and the Destination IP is the three corresponding subnet segment. Interface is LAN.
So far, we have finished the configuration on TP-Link router TL-ER6120 v2. Next we will continue the settings on T2600G-28TS v3.
For T2600G-28TS v3:
According to the topology, 4 subnets should be divided on T2600G-28TS v3:
System vlan1 (subnet:192.168.0.0/24,vlan interface 192.168.0.126);
Vlan2 for Marketing (172.16.10.0/24, vlan interface 172.16.10.1);
Vlan3 for Finance (172.16.20.0/24, vlan interface 172.16.20.1);
Vlan4 for Personnel (172.16.30.0/24, vlan interface 172.16.30.1).
Since vlan1 is the default vlan, we only need to change the interface IP for vlan1 as 192.168.0.126. Go to L3 FEATURES--->Interface to change the interface IP of vlan1 as 192.168.0.126. Then click APPLY as follows.
Here we create corresponding VLAN as we thought. Port 22 in vlan 1 as the uplink port. We create port 21 only in vlan2 for Marketing, port 23 in vlan3 for Finance and port 24 in vlan4 for Personnel, select ports as untagged and modify PVID as the corresponding VLAN ID. Go to L2 FEATURES---->VLAN---->802.1Q VLAN---->VLAN Config, click Add.
In the pop up page, we create vlan ID as 2 and add port 21 as Untagged Ports.
As wishes, we create vlan3 including port 23 and vlan4 including port 24.
Now we modify the PVID of them. Turn to Port Config. As following picture, set port 21’s PVID as 2, port 23 as 3, and port 24 as 4. Then click APPLY.
Go to L3 FEATURES---->Interface, click Add. We set the interface IP for vlan2, vlan3 and vlan4 as following screenshot.
Go to L3 FEATURES---->Static Routing---->IPv4 Static Routing, add the default route entry. Default route entry is indispensable, because IP packets to Internet whose destination IP is not in the direct routing table will be forwarded according to default route entry. Here we set it as 192.168.0.1.
Click Save button.
With the topology and all the settings above, the three departments in different subnets can communicate with each other through the T2600G-28TS v3 and access the Internet via the gateway router TL-ER6120 v2.
A sua resposta ajuda-nos a melhorar o nosso site.