Hi vijay

thanks for the quick reply. and thats my mistake fa 0/1 should be gi 0/1

and can i go with this nat policy whats the diffence between 1 and 2 below

1.

access-list 10 permit 10.10.45.0 0.0.0.255

ip nat inside sourcelist 10 int gi 0/1 overload

2.

#ip nat pool XXX netmask  255.255.255.248

#ip nat inside source list 10 XXX overload

Thanks

srikanth

Hi srikanth,

Some of the fiels are incorrect in your config.
See the below config which fits you....

int gi 0/0
ip address 10.10.45.1 255.255.255.0
ip nat inside

int  gi 0/1
ip address 99.89.99.99 255.255.255.248
ip nat outside

int gi 0/2
ip address 101.100.188.130 255.255.255.248
ip nat outside

ip nat inside source route-map nonat interface GigabitEthernet0/1 overload

route-map nonat permit 10
match ip address NONAT

ip access-list extended NONAT
permit ip 10.10.15.0 0.0.0.255 any

Please rate the helpfull posts.
Regards,
Naidu.

Hi Naidu.,

I doubt if the above said config works.

You had defined an access list

ip access-list extended NONAT

permit ip 10.10.15.0 0.0.0.255 any

which will match the source address on 10.10.15.0/24 network. This will not have any match.

so the natting itself will not happen. I guess the ACL shuld permit 10.10.45.0 instead of 10.10.15.0

Also, the NAT can be performed with ACL's alone instead of writing a route map. so we cannot claim that the config that srikanth had is incorrect. its just other way of matching the IP to NAT.

-Vijay

Hi Vijay,

I just put an example numbers, so the Srikanth need to change those number according to his requirement.
I knew that NAT can be perform with ACL's, the idea behind route-map are more flexible than ACL.
I thought to list what all the filelds can be put in more effecient way.

Hope I clear you...

Please rate the helpfull posts.
Regards,
Naidu.