[nsp] RE: Route maps versus access-lists in NAT

Tomas Daniska tomas at tronet.com
Fri Apr 25 09:48:46 EDT 2003


> > Ah, a question that I can answer.  NAT can use standard 
> access lists or route maps, but can't directly use extended 
> access lists.  So if you want to use extended access lists to 
> classify whether traffic should be NATted, you'll need to 
> embed the ACL in a route map.

nack
 
> That might be true for *named* access lists, but "normal" 
> extended access
> lists (numbered 100-199) can be used fine.  We do that all the time.
> 

nack


i am using named extacls in nat for ages, without any problems.
route-maps are there to allow you for more inteligence in your nat rules
than access-lists do - e.g., interface matching etc.


i have several times used them, works nice. i can't imagine how one
would configure those boxes without route-map nat :)


--

deejay 



More information about the cisco-nsp mailing list