+ Post New Thread
Results 1 to 4 of 4
South East Grid for Learning (SEGfL) Thread, KCN: to NAT or not... in Regional Broadband Consortiums (RBC); I'm hoping this is the right place to post, the SEGfL site seems to imply that Kent is part of ...
  1. #1
    tonyd's Avatar
    Join Date
    Mar 2006
    Location
    Kent (Sometimes), UK
    Posts
    163
    Thank Post
    17
    Thanked 42 Times in 31 Posts
    Rep Power
    25

    KCN: to NAT or not...

    I'm hoping this is the right place to post, the SEGfL site seems to imply that Kent is part of their network. If this is not the right place, then I guess I'll be needing a seperate KCN forum.

    Anyway, NAT. KCN supply the school with a /30 (1022 addresses) IP range. This is insufficient for our needs, we have over 1000 devices on the network already. So, we have in place a PIX firewall that is performing NAT for our VLANed network, but both the school and EIS are considering it's removal. I read that they will now supply us with a Cisco 2811 that they can configure to do NAT (?), but have not yet managed, after over a week of waiting, to speak to anyone at EIS on this subject.

    My prefered soultion is normally to use ISA 2006 in firewall mode to do NAT, firewall the network, cache and filter web traffic, and publish web servers. KCN on the other hand, already supply us with one ISA 2004 (WebSense) that is caching & filtering web traffic, and are suggesting we install another ISA box, in single NIC mode, to simply be used for re-directing and publishing our internal servers onto the web.

    I would like to know if:

    - any other schools are running the KCN Cisco 2811 as a gateway to VLAN'ed network.

    - or if you've got more than the standard /30 address space from them

    - come up with other solutions that EIS have allowed you to implement (or managed to implement without their help!)

  2. #2

    Join Date
    May 2008
    Location
    Kent
    Posts
    545
    Thank Post
    26
    Thanked 73 Times in 64 Posts
    Rep Power
    29
    We have a similar setup, EIS approached us a little while go about removing our pix and moving onto there range we told them we would consider it but have herd little since we have had a KCN Cisco 2811 behind the pix for quite sometime now. They should be able to give you more address space than that, personally i would just leave things well enough alown or if need be have the 2811 do NAT which should be easy enough to implement. Speak with Adam Page at EIS and he should be able to accomidate you somehow.

  3. #3
    Diello's Avatar
    Join Date
    Jun 2005
    Location
    Kent, England
    Posts
    1,064
    Thank Post
    112
    Thanked 228 Times in 128 Posts
    Rep Power
    75
    Yes, SEGfL is Kent, amongst others. Used to call it Seagull in the days before KCN!

    We've had a 2811 in place for awhile now, with an additional ISA server (...in additional to the WebSense box...) for re-routing web hosting.

    We also ran out of KCN-assigned IPs some time ago, but were lucky enough that quite a number of nodes don't need Internet access (printers, WAPs, laptops deliberately Internet-less, etc.), so put them on a different scope. Touch-wood, we're OK at the moment.

    They really should allocate you more if you need it. Talk to Gavin Hutchinson or Marc Turner, they've always got the job done when I've needed something).

  4. #4
    LorenzosEar's Avatar
    Join Date
    Sep 2008
    Location
    Kent
    Posts
    19
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0

    IP Range

    We applied to KCN to give us a range extension when we ran out of IP's.

    They could not extend our range as it had already been used elsewhere but they did give us a brand new /20 range (4024 IP's).

    Worth asking as all they do is change thier routing tables rather than you having to use NAT. Depends on if they have any spare and if they want to charge you or not.

    It was a bit of a pain moving the whole network over to a new range but not as bad as I'd first envisaged.

    Better to have a new range than NAT if they will give one to you and you plan your switchover 1st correctly.



SHARE:
+ Post New Thread

Similar Threads

  1. Destination NAT
    By Jackd in forum *nix
    Replies: 3
    Last Post: 19th September 2008, 12:27 PM
  2. NAT ntfs
    By mudcow007 in forum Hardware
    Replies: 2
    Last Post: 4th June 2007, 10:35 AM
  3. Using server 2003 as NAT
    By timbo343 in forum Wireless Networks
    Replies: 6
    Last Post: 4th May 2006, 03:55 PM
  4. Setting up NAT using IPTABLES
    By ChrisH in forum *nix
    Replies: 23
    Last Post: 9th November 2005, 02:54 PM
  5. Recommend NAT box please
    By mark in forum Wireless Networks
    Replies: 21
    Last Post: 13th September 2005, 09:01 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •