Multiple Access List to a single interface with NAT overload

JoeSchmo · ‎12-01-2017

Does anyone know if this configuration would work or would NAT get conflicts? I know you can combine them on a single ACL however there is a much much larger story behind the need for 2 separate ACL's.

ip access-list extended LIST1
permit ip 192.168.1.0 255.255.255.0 host 1.1.1.1

ip access-list extended LIST2
permit ip 192.168.1.0 255.255.255.0 host 2.2.2.2

ip nat inside source list LIST1 interface g0/1.100 overload
ip nat inside source list LIST2 interface g0/1.100 overload

Francesco Molino · ‎12-01-2017

Hi

Yes it will work. However, even if there is a big story behind those 2 ACLs, technically you can combine them and no one will notice.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Julio E. Moisa · ‎12-02-2017

Hi

I agree with Francesco it will work, now as he mentioned you could use just one ACL to include both entries.

ip access-list extended LIST
permit ip 192.168.1.0 255.255.255.0 host 1.1.1.1
permit ip 192.168.1.0 255.255.255.0 host 2.2.2.2

ip nat inside source list LIST interface g0/1.100 overload

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<