Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
542
Views
0
Helpful
2
Replies

2 Route-map(s) that match the same interface

Go to solution
NetAdmin2
Level 1
Level 1

‎06-28-2021 09:55 AM - edited ‎06-28-2021 08:44 PM

 

I have the following configuration:

 

interface FastEthernet0/1/0
 ip address 70.56.84.93 255.255.255.252
 ip access-group ACL_Internet_Inside in
 ip access-group ACL_Internet_Outside out
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat outside
 ip virtual-reassembly in
 duplex full
 speed 100
 
ip nat inside source static 172.26.200.51 212.118.121.220 route-map RM-PERMIT-NAT-INET-SOURCE-MIRRORED-172.26.200.220 extendable no-alias
ip nat inside source static 172.26.200.51 212.118.121.221 route-map RM-PERMIT-NAT-INET-SOURCE-MIRRORED-172.26.200.221 extendable no-alias

route-map RM-PERMIT-NAT-INET-SOURCE-MIRRORED-172.26.200.220 permit 10
 match ip address LIST-PERMIT-NAT-INET-SOURCE-MIRRORED-172.26.200.220
 match interface FastEthernet0/1/0

route-map RM-PERMIT-NAT-INET-SOURCE-MIRRORED-172.26.200.221 permit 10
 match ip address LIST-PERMIT-NAT-INET-SOURCE-MIRRORED-172.26.200.221
 match interface FastEthernet0/1/0

I'm trying to understand how come 2 route-map can "match" the same interface.

It's that possible ?

 

2nd question:

Let's say we want to remove the route maps and the ACL defined for the route maps.

What are the steps ? Remove first the NAT, 2nd remove the route-map, 3rd - remove the ACL ?

 

3rd question:

In case of a roll-back of the removed items, the process is the other way around ?

Create first the ACL, create the route-map and add the ACL defined first, and 3rd step - define the NAT ?

 

Thank you so much.

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-28-2021 10:21 AM

Hello @NetAdmin2 ,

it is supported because they are actually matching the exit interface .

In route-maps used with NAT this match interface is used for example to differentiate and use different address pools

 

Here they are used for two static NAT with extendable keyword.

 

2) you need first to remove each statement that invokes each route-map otherwise you cannot delete them. Then you can delete the route-maps and finally the ACLs.

 

3) Yes it is the opposite you need to create the ACL first, then to configure the route-maps, finally the statements using the two route maps

 

Hope to help

Giuseppe

 

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-28-2021 10:21 AM

Hello @NetAdmin2 ,

it is supported because they are actually matching the exit interface .

In route-maps used with NAT this match interface is used for example to differentiate and use different address pools

 

Here they are used for two static NAT with extendable keyword.

 

2) you need first to remove each statement that invokes each route-map otherwise you cannot delete them. Then you can delete the route-maps and finally the ACLs.

 

3) Yes it is the opposite you need to create the ACL first, then to configure the route-maps, finally the statements using the two route maps

 

Hope to help

Giuseppe

 

 

0 Helpful

Go to solution
NetAdmin2
Level 1
Level 1

‎06-28-2021 12:21 PM

Thank you so much Giuseppe.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card