Step 3: TNSR IP Configuration

Use the following diagram to support the configuration to provide IP connectivity for the remote office.

TNSR remote office IP diagram

TNSR remote office IP diagram

There are two inside IP subnets: corp89 and guest220.

  • TNSR provides DHCP service to both inside subnets, corp89 and guest220, each using a DHCP address range of 100-199.

  • DNS on the corp89 DHCP includes an internal DNS address for access to the intranet.

IP Assignments

Interface Name

IP Address

IP Gateway

NAT

outside

192.168.0.53/24

192.168.0.1

outside/pool

corp89

172.21.89.1/24

n/a

inside

guest220

192.168.220.1/24

n/a

inside

Configure Interface IP Addressing and NAT

With the settings from above, enable IP and NAT on the corp89, guest220, and outside interfaces:

# outside interface
interface outside
  ip address 192.168.0.53/24
  ip nat outside
  enable
  exit
#
# corp89 interface
interface corp89
  ip address 172.21.89.1/24
  ip nat inside
  enable
  exit
#
# guest220 interface
interface guest220
  ip address 192.168.220.1/24
  ip nat inside
  enable
  exit
#
# enable outside interface IP as NAT pool (PAT)
nat pool interface outside

Use show interface and show interface ip to inspect the status of the interfaces.

Configure DHCP Pools

Configure the DHCP server for both inside interfaces, corp89 and guest220:

dhcp4 server
  interface listen corp89
  subnet 172.21.89.0/24
    pool 172.21.89.100-172.21.89.199
    exit
  interface corp89
    option routers
      data 172.21.89.1
      exit
    option domain-name-server
      data 10.10.10.75,1.1.1.1
      exit
    exit
  # next DHCP for guest220
  interface listen guest220
  subnet 192.168.220.0/24
    pool 192.168.220.100-192.168.220.199
    exit
  interface guest220
    option routers
      data 192.168.220.1
      exit
    option domain-name-server
      data 1.1.1.1,9.9.9.9
      exit
    exit
  exit
# enable the DHCP4 server
dhcp4 enable

Devices on the corp89 and guest220 interfaces should now be able to pull an IP address from DHCP and use the internet via NAT.

Configure IP Default Route

When using a static IP configuration on the outside interface, it is necessary to add an IP Default Route.

route ipv4 table ipv4-VRF:0
  route 0.0.0.0/0
    next-hop 0 via 192.168.0.1 outside
    exit
  exit

Devices on corp89 and guest220 should now be able to ping the internet.