01-24-2011 08:03 AM - edited 03-04-2019 11:11 AM
Is there a way to exclude one address in the middle of the range from the NAT pool? When I create 2 pools eliminating the excluded IP in the middle, and apply both pools to the same the second "ip nat inside" statement rewrites the previous statement.
In the example below I'm trying to exclude 1.1.1.6
ip access-list ext NAT_Allow
permit ip 192.168.0.0 0.0.0.255 any
ip nat pool Eagle0 1.1.1.1 1.1.1.5 prefix-length 24
ip nat pool Eagle1 1.1.1.7 1.1.1.250 prefix-length 24
ip nat inside source list NAT_Allow pool Eagle0
ip nat inside source list NAT_Allow pool Eagle1 <--When I do this the IP NAT INSIDE statement gets rewritten to Eagle1 and Eagle0 is removed
Thanks for the help
Newt
01-24-2011 10:27 AM
Not sure about excluding one IP but might be you are looking for this.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml
Thanks
Ajay
01-24-2011 11:43 AM
Ajay,
Thanks for the reply, but I don't think that will work. Using route-maps I could map two ACLs to one pool, but I'm looking to map two pools to one ACL (or exclude the single IP from the NAT pool range).
From what I've found, I will probably have to split the pool up and create two ACLs. One ACL for each side of the IP I can't use. I'm sure this is an uncommon scenario, but I would think there would be a command like the IP DHCP EXCLUDE.
Thanks for the response
Newt
01-24-2011 11:49 AM
Hi,
Try this:
ip nat inside source list NAT_Allow1 pool Eagle0
ip nat inside source list NAT_Allow2 pool Eagle1
and create 2 ACLs for the natting instead of 1, splitting your inside hosts in 2.
Regards.
Alain.
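The two-ACL split suggested above, generalized as an added Python example (not code from the thread or from Cisco): it cuts the pool range around any excluded addresses and divides the inside network into equal subnets, one ACL per sub-pool. The function names and the equal-size split of the inside hosts are assumptions.

```python
import ipaddress

def split_pool(start, end, excluded):
    """Return (first, last) sub-ranges of start..end that skip every excluded address."""
    lo, hi = int(ipaddress.IPv4Address(start)), int(ipaddress.IPv4Address(end))
    ranges, cur = [], lo
    for x in sorted(int(ipaddress.IPv4Address(e)) for e in excluded):
        if lo <= x <= hi:
            if x > cur:                      # addresses before the hole form one pool
                ranges.append((cur, x - 1))
            cur = max(cur, x + 1)            # resume just past the hole
    if cur <= hi:
        ranges.append((cur, hi))
    return [(str(ipaddress.IPv4Address(a)), str(ipaddress.IPv4Address(b)))
            for a, b in ranges]

def nat_config(inside, start, end, excluded, prefix_len=24,
               pool="Eagle", acl="NAT_Allow"):
    """Build IOS lines: one pool, one ACL and one 'ip nat inside' statement per sub-range."""
    pools = split_pool(start, end, excluded)
    net = ipaddress.ip_network(inside)
    # Smallest power-of-two split that gives every pool at least one inside subnet.
    bits = max(len(pools) - 1, 0).bit_length()
    subnets = list(net.subnets(prefixlen_diff=bits))
    lines = [f"ip nat pool {pool}{i} {first} {last} prefix-length {prefix_len}"
             for i, (first, last) in enumerate(pools)]
    for i in range(len(pools)):
        lines.append(f"ip access-list extended {acl}{i + 1}")
        for s in subnets[i::len(pools)]:     # deal subnets out round-robin
            # Extended ACLs take a wildcard (host) mask, not a subnet mask.
            lines.append(f" permit ip {s.network_address} {s.hostmask} any")
    for i in range(len(pools)):
        lines.append(f"ip nat inside source list {acl}{i + 1} pool {pool}{i}")
    return lines

if __name__ == "__main__":
    # Values from the thread: pool 1.1.1.1-1.1.1.250 without 1.1.1.6.
    print("\n".join(nat_config("192.168.0.0/24", "1.1.1.1", "1.1.1.250", ["1.1.1.6"])))
```

Without overload, each inside host consumes one pool address, so the ACL tied to the five-address Eagle0 pool should match no more hosts than that pool can serve.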