09-24-2007 12:49 AM - edited 03-03-2019 06:53 PM
Hello everybody,
I have many networks that I need to NAT.
I don't know exactly what are these networks so, I tried to nat with an 'any' statment in my ACL.
But, it doesn't works (http://www.cisco.com/warp/public/556/nat-faq.html#qa39)
So I am looking to do this by using a route-map with a 'match interface' condition.
Has anybody tried this before ?
interface GigabitEthernet 0/0
ip nat inside
interface GigabitEthernet 0/1
ip nat outside
route-map NATme permit 10
match interface GigabitEthernet 0/0
ip nat pool NAT-pool 10.10.10.0 10.10.10.7 prefix-length 29 type rotary
ip nat inside source route-map NATme pool NAT-pool
Thanks !
09-24-2007 03:55 AM
if you don't know the origin of the paquet, just use an opened acl :acess-list 1 permit any any.
but: be sure g0/0 and 0/1 are L3 and you have a static route that route the trafic through g0/1
09-24-2007 11:07 AM
Hi, as mentioned by the poster and documented per link above, access-list any is not to be used with nat and in fact I found that for source, it causes problems.
09-24-2007 10:57 AM
Try using list with a permit for ip 0.0.0.0 255.255.255.255.
09-25-2007 01:10 AM
Yes, but it will become an any any statment:
ip access-list standard 10
permit 0.0.0.0 255.255.255.255
s ip access-lists 10
Standard IP access list 10
permit any
:(
09-25-2007 02:00 AM
Well, have you tried? Let us know.
10-12-2007 10:40 PM
Hello,
Yes, I tried this statement and it works but I hope I will not have 'unexpected behavior' has said in http://www.cisco.com/warp/public/556/nat-faq.html#qa39
Thanks
10-13-2007 02:41 AM
Now try to telnet to the router from outside to the outside interface. If it works, you are ok.
Inability to do so, is the 'unexpected behavior' mentioned.
10-13-2007 01:29 PM
OK, I will try this asap !
Thank you !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide