Meraki

Matt75 · ‎Mar 9 2022

Hello,

We are moving to a new ISP. We've been given a WAN /30 block, and an additional LAN /29 block. I have my WAN eth01 configured for the /30 address (xxx.xxx.206.206). I'm not sure the best way to setup the additional /29 ips (xxx.xxx.206.234-238) to NAT to inside/private LAN addresses.

Thanks,

Matt

Ryan_Miles · ‎Mar 9 2022

So, the /29 is for internal hosts that need to be accessed by the outside world? You can create the /29 subnet on the LAN side of the MX. Then create 1 to 1 NAT rules using the same real IP in both the Public and LAN IP spots. Screenshot examples below. And apologies if I misinterpreted your goal.

Or if the inside hosts will have private IPs then just adjust from the screenshot below to have the real/Public IP map to the corresponding private IP.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Matt75 · ‎Mar 9 2022

You are correct. The ip's on the /29 do need to be accessed outside. I would have to NAT the outside addresses to the private LAN address (192.168.176.x).

Ryan_Miles · ‎Mar 9 2022

Got it. So yeah use the 1:1 NAT config and if you need to further limit it to specific accessible ports click the allow more connections link shown in the screenshot.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Meraki

Community

Moving to a new ISP

Moving to a new ISP