What is the correct iptables rule when NATing multiple private subnets?
Posted by Jose Mendez on Server Fault
Published on 2014-08-21T02:27:06Z
I have a CentOS minimal 6.5 acting as a router. eth0 is connected to a Cisco switch trunk port, allowing VLANs 200-213.
I have several VLAN interfaces just as this link suggests:
I also have IPv4 forwarding enabled, so all my network devices on any of the networks 200-213 can communicate with each other using this Linux box as their router.
Problem is, I need them to access the Internet, so I added the following rule:
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j SNAT --to 1.1.1.56
1.1.1.56 is the "outside" address. This works fine: devices connected to the internal networks can ping Internet addresses, but they stop being able to talk to each other across subnets, so 192.168.211.55 can ping 8.8.8.8 but can't talk to 192.168.213.5.
As soon as I do a service iptables restart to remove the rule, I can start talking across internal subnets again.
What would be the correct way to set up NAT for multiple private subnets? Or maybe the correct way to set up forwarding?
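Added example, not part of the question or of any answer: the SNAT rule scoped so that only packets leaving through the uplink are rewritten, a matching FORWARD policy, and an audit function that flags POSTROUTING rules lacking that scoping in iptables-save output. The uplink interface name eth1 is an assumption (the question only names eth0 and its VLAN subinterfaces).

```shell
#!/bin/sh
# Added example. Assumptions: eth1 is the uplink carrying 1.1.1.56 (assumed name; the
# question only names eth0 and its VLAN subinterfaces), and 192.168.0.0/16 covers all VLANs.
WAN_IF=eth1
WAN_IP=1.1.1.56
LAN_NET=192.168.0.0/16

# The rule from the question, kept for contrast: no -o and no destination exclusion,
# so packets merely routed from one VLAN to another also get their source rewritten.
broken_snat_rule() {
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET -j SNAT --to-source $WAN_IP"
}

# Scoped rule: rewrite only packets that leave through the uplink and are not bound
# for another private subnet. Inter-VLAN traffic keeps its real source address.
fixed_snat_rule() {
    echo "iptables -t nat -A POSTROUTING -s $LAN_NET ! -d $LAN_NET -o $WAN_IF -j SNAT --to-source $WAN_IP"
}

# Matching FORWARD policy: allow replies, inter-VLAN routing and LAN-to-uplink
# traffic explicitly, and drop everything else (e.g. unsolicited inbound from eth1).
forward_rules() {
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $LAN_NET -d $LAN_NET -j ACCEPT
iptables -A FORWARD -s $LAN_NET -o $WAN_IF -j ACCEPT
EOF
}

# Apply on the router (root required); not called at the top level of this file.
apply_rules() {
    { fixed_snat_rule; forward_rules; } | sh -e
}

# Audit: read iptables-save output on stdin and print every POSTROUTING SNAT or
# MASQUERADE rule that has neither an output interface (-o) nor a negated
# destination (! -d), i.e. rules that also rewrite routed LAN-to-LAN traffic.
audit_postrouting() {
    grep -E '^-A POSTROUTING .*-j (SNAT|MASQUERADE)' | grep -Ev -e ' -o [^ ]+ ' -e ' ! -d '
}

# Constructed iptables-save excerpt: the question's rule followed by the scoped one.
SAMPLE_SAVE='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/16 -j SNAT --to-source 1.1.1.56
-A POSTROUTING -s 192.168.0.0/16 ! -d 192.168.0.0/16 -o eth1 -j SNAT --to-source 1.1.1.56
COMMIT'
```

Run `iptables-save -t nat | audit_postrouting` on the router to list any overbroad SNAT rules; an empty result means every rule is bound to an interface or excludes private destinations.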