NAT with route-maps?

Unanswered Question
Jul 24th, 2009

Will using NAT with route-map provide more security? the reason i asked was somebody told me but i could not find any information linking NAT with route-maps = more security. Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Collin Clark Fri, 07/24/2009 - 07:50

route maps are not a "security feature" so I don't see how using them would make NAT more secure.

Peter Paluch Fri, 07/24/2009 - 07:56

Hi,

I don't think using route-maps with NAT provides more security. You use route-maps with NAT mostly to test the traffic for criteria that can't be matched using ACLs. For example, if you have two ISPs and each has given you a different pool of public addresses, you must take care to translate your internal addresses to the respective pool, depending on what ISP will you send the packets to. In this case, you can use the route map to match the outgoing interface or the next hop IP address to decide which pool will you use. You would not be able to do this just using ACLs.

Of course, if there are any other opinions I would love to hear them as well.

Best regards,

Peter

Actions

This Discussion