Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
897
Views
15
Helpful
4
Replies

Use the same source-list for several ip nat inside entries

m8372938
Level 1
Level 1

‎12-03-2021 11:23 PM

Hi all,

 

is it somehow possible to use the same source-list for several overload nat entries?

 

Let's say I have this rule at the moment:

ip nat inside source list 199 interface Dialer2 overload

But as I have ~ 100 Dialer interfaces, but only one Internal Subnet, one source list would be enough. But as soon as I want to enter the next rules like:

ip nat inside source list 199 interface Dialer3 overload

The first one gets overwritten.

 

So the question is, do I have to create one access-list for every rule, even if the content of the list is the same, or is there a better possibility?

 

This is my access-list:

access-list 199 permit ip 192.168.2.0 0.0.0.255 any

 

Thanks!

Labels:
4 Replies 4

Georg Pauwen
VIP
VIP

‎12-04-2021 01:56 AM

Hello,

 

good question ! I have tried about every available option, to no avail. It definitely looks like you have to create a separate access list for each interface.

 

Maybe somebody else comes up with some magic trick...

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎12-04-2021 03:01 AM

never had that requirement before - 

 

how about adding with route map

 

access-list 199 permit 192.168.2.0 0.0.0.255

 

route-map NAT_TO_Dialer2

match ip address 199

match interface x/x or Dialer2

 

route-map NAT_TO_Dialer3

match ip address 199

match interface x/x or Dialer3

 

ip nat inside source route-map NAT_TO_Dialer2 Dialer2 overload

ip nat inside source route-map NAT_TO_Dialer3 Dialer3 overload

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World
VIP
VIP
In response to balaji.bandi

‎12-04-2021 11:19 AM - edited ‎12-04-2021 11:19 AM

right way 
https://binaryglobal.com/blog/?p=129

 

0 Helpful

paul driver
VIP
VIP

‎12-04-2021 09:00 AM - edited ‎12-04-2021 09:03 AM

Hello
Yes you can- in fact you would expect to do so if your are using those dual wan links for resilience  however if you expect to use both wan links at the same time then you could but it wouldn’t be applicable 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Top