L3 Cisco Switch

You can do this a couple of different ways.

The easiest is to configure one of the  switchports as a layer 3 interface:

int gig 1/0/1
no switchport
ip address 174.45.6.2 255.255.255.249
no ip route-cache
no shut

ip routing

ip route 0.0.0.0 0.0.0.0 174.45.6.1

vlan 100
name Internal
no shut

interface vlan 100
ip address 192.168.0.1 255.255.255.0
no shut

Select allOpen in new window

Then configure NAT as necessary to pass traffic out to ISP.

The other way you can do this is to configure the ISP network as an SVI as well:

vlan 50
name ISP
no shut

int vlan 50
ip address 174.45.6.2 255.255.255.249
no shut

ip routing

ip route 0.0.0.0 0.0.0.0 174.45.6.1

vlan 100
name Internal
no shut

interface vlan 100
ip address 192.168.0.1 255.255.255.0
no shut

Select allOpen in new window

Then configure NAT as needed.

The primary difference is going to be how:

1.  Addition of any other hosts directly to the ISP subnet as presented to you
2.  How/where you go about trying to secure things

Based on the little bit of information you have provided, I'd say go with option 1 and the ACL the layer 3 interface for securing.

Any ideas how to configure NAT on switch?

So, should ask Verizon about NAT?

That or you will need a third device.  If you are going to engage them, I'd also ask them why they are providing you with a device that is already EOS on the IOS and will be EOL in total in about  a year and a half.

verizon did not supply the switch, and they wont reconfigure there internet cpe. you connect a firewall or router at the cpe, that will do the nat.

I want to thank you both for your valuable input.

So, today we ended up putting an ASA and everything worked as it should.

Thanks.