Folks,
In below scenario where I am excluding 192.168.1.0/24 from NAT - in what
scenario I'd use route-map?
Noticed, I am not tweaking any metric or anything.
Task# exclude 192.168.1.0/24 from NAT
My understanding is both solution will work but easier one is solution#2
without route-map. Save time in typing :)
what are your thoughts?
--------------- Solution#1----------------
ip access-list extended NAT
deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip any any
route-map POLICY-NAT 10
match ip address NAT
ip nat source route-map POLICY-NAT interface s0/0 overload
interface f1/0
ip nat inside
interface s0/0
ip nat outside
----------Solution#2---------------
ip access-list extended NAT
deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip any any
ip nat source list NAT interface s0/0 overload
interface f1/0
ip nat inside
interface s0/0
ip nat outside
Blogs and organic groups at http://www.ccie.net
Received on Sun May 15 2011 - 11:51:45 ART
This archive was generated by hypermail 2.2.0 : Wed Jun 01 2011 - 09:01:11 ART