We currently assign public IPs to both Wired and Wireless users (We own a /16). We would like to start using private IPs.
I've been asked to find out what other higher education institutions are doing as we do expect push back from some in the community.
If you can share, I would to know which you use.
If you recently made the transition from public to private did you get push back? And how did you resolve it?
We use a 10./16 per building then subnet per vlan. Before you start the migration you will need to find out if there are any source/destination (outbound) requirments. For instance our bank whitlists specific IP addresses need either 1 to 1 NAT or a small public NAT pool.
Inbound should be straight forward.
Small NAT pools are the way to go and keep it simple.
Ohio State started its road from IPv4 public to IPv4NAT+IPv6 dual-stack ~3 years ago. We started out of necessity: we were running out of /23s to add to our existing VLAN pools. We leveraged ClearPass to isolate phones/tablets using student credentials (largest population) and started putting them into IPv4NAT /20s frontended by a public /25. After that success, we ended up putting all student devices in that same pool. Overtime, and with our upgrade to ArubaOS8, we've migrate ~90% of our client base to IPv4NAT+IPv6 dual-stack. The only remaining population is our internal LAN for colleges/units that use central IT for all IT services. I won't be surprised if this pool is migrated as well.
Feel free to PM if you have specific questions.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.