Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Route-map vs. access-list.

Reply
Thread Tools

Route-map vs. access-list.

 
 
AM
Guest
Posts: n/a
 
      07-25-2005
Hi all,

till now I always used route-map on NAT rule to avoid translations of traffic directed to the other LAN through a VPN
tunnel. But route-map section has only a match rule to an ACL.

I've been applying that method as an external consultant told us but now I would ask you if the same result will be
obtained using simply an ACL instead of a route-map.

So below follows the real configuration


ip nat inside source route-map vpn_2hq interface Dialer0 overload
....
route-map vpn_2hq permit 10
match ip address 131
....
access-list 131 deny ip 10.134.3.0 0.0.0.255 192.168.31.0 0.0.0.255
access-list 131 permit ip 10.134.3.0 0.0.0.255 any


but should the next one be correct as well?

ip nat inside source list 131 vpn_2hq interface Dialer0 overload
....
access-list 131 deny ip 10.134.3.0 0.0.0.255 192.168.31.0 0.0.0.255
access-list 131 permit ip 10.134.3.0 0.0.0.255 any


Alex.
 
Reply With Quote
 
 
 
 
mjkiefer@gmail.com
Guest
Posts: n/a
 
      08-01-2005
As long as there is no action taken on the match, then an ACL should
work fine.

I would use: ip nat inside source list 131 interface Dialer0 overload

 
Reply With Quote
 
 
 
 
paranic
Guest
Posts: n/a
 
      08-01-2005
maybe he cant use
ip nat inside source list 131 interface Dialer0 overload

because above match ip address 131 on his route-map has a line similar
to this
route-map vpn_2hq permit 10
match ip address 131
match interface Dialer1

in order to NAT only traffic from dialer 1
and then default route everything to some other dialer or atm interface
without NAT
ip route 0.0.0.0 0.0.0.0 Dialer2

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Advertisments