04-17-2013 05:12 PM - edited 03-04-2019 07:38 PM
Hi network gurus,
How is the processing order of nat rules with routemaps determined?
(part of the configuration)
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat enable
ip nat source route-map RMAP1 pool POOL1 overload
ip nat source route-map RMAP2 interface FastEthernet0/1 overload
access-list 1 permit 10.4.0.0 0.0.255.255
access-list 2 permit 10.0.0.0 0.255.255.255
route-map RMAP1 permit 10
match interface FastEthernet0/1
match ip address 1
route-map RMAP2 permit 10
match interface FastEthernet0/1
match ip address 2
ip nat pool POOL1 192.168.1.10 192.168.1.10 netmask 255.255.255.0
When I connect from 10.4.0.1 I get RMAP1. When I connect from 10.3.0.1 I get RMAP 2. This is the desired result, but I want to understand why?
10.4.0.1 also matches with access-list 2. I have tried to change the order of all components in the configuration but I always get the same result. Is this done automatically, because access-list 1 is more specific/explicit? Without removing RMAP2 is it possible to match 10.4.0.1 with access-list 1/RMAP1? How can I manipulate the order of processing?
It is really strange to me, because I cannot explicitly configure a desired order. Please help me understand. I hope you understand my question. I have googled and read articles for hours, but I can't find this information. I really depend on a network guru right now.
John
04-22-2013 07:41 AM
Hello John,
Here are some explanations, did you read them?
https://learningnetwork.cisco.com/docs/DOC-8009
https://supportforums.cisco.com/thread/226912
https://supportforums.cisco.com/thread/218467
Best Regards
Please rate all helpful posts and close solved questions
04-29-2013 04:43 PM
Thanks for your help.
The links do not address my question, but I have already learned that route-maps are prioritized by most explicit access-list first.
John
04-29-2013 04:47 PM
I do not see how I can close solved questions.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide