pskemp
asked on
Porting forwarding from router via layer 3 switch
Hi,
I have a netwotk setup which consists of 3 vlans, one corporate, one guest and one for the shared internet access, all on different subnets.
I'm using a netger GSM7328 as the layer 3 for the ip routing and a draytek router for the internet router.
This all works fine, but i now need to setup port forwarding on the router to route to a PC on the corporate vlan.
The trouble is the router only allows me to enter a ip on the same subnet.
So it's like i need to get the router to forward to an ip in the same subnet which would be the layer 3 switch and for that to then forward onto the PC in question.
Anyone know how to do this, i've looked at the documentation and can't see anything obvious but seeing the layer 3 is a router i would have thought i could.
Thanks in advance.
I have a netwotk setup which consists of 3 vlans, one corporate, one guest and one for the shared internet access, all on different subnets.
I'm using a netger GSM7328 as the layer 3 for the ip routing and a draytek router for the internet router.
This all works fine, but i now need to setup port forwarding on the router to route to a PC on the corporate vlan.
The trouble is the router only allows me to enter a ip on the same subnet.
So it's like i need to get the router to forward to an ip in the same subnet which would be the layer 3 switch and for that to then forward onto the PC in question.
Anyone know how to do this, i've looked at the documentation and can't see anything obvious but seeing the layer 3 is a router i would have thought i could.
Thanks in advance.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Will this pc be accessed by anyone or just limited ip's? Assuming limited - You could add a NIC to the PC and put this connection on the shared VLAN. Open up the PC firewall to allow in the service you want then add a persistent route to use this interface to get back to the originating ip
ASKER
Thanks for the responses.
The only reason for the vlans is to seperate the guests from the corporate but with a shared internet connection for them both. I use ACL to block the guest VLAN from talking to the Corporate VLAN.
So if i implement the second nat on the draytek router, think i know what to do there, but what CLI do i apply to the layer 3 to port forward the request on the the pc on the corporate VLAN.
Cheers Paul.
The only reason for the vlans is to seperate the guests from the corporate but with a shared internet connection for them both. I use ACL to block the guest VLAN from talking to the Corporate VLAN.
So if i implement the second nat on the draytek router, think i know what to do there, but what CLI do i apply to the layer 3 to port forward the request on the the pc on the corporate VLAN.
Cheers Paul.
ASKER
In order to get this working for now i've simply moved the required devices on the the shared internet vlan, as they can happily sit there without any problem and thus forward port normally.
I will when i get time try the second nat idea to see how that works.
Cheers Paul.
Thanks for the responses.
I will when i get time try the second nat idea to see how that works.
Cheers Paul.
Thanks for the responses.