NAT with route-maps?

Unanswered Question
Jul 24th, 2009
User Badges:

Will using NAT with route-map provide more security? the reason i asked was somebody told me but i could not find any information linking NAT with route-maps = more security. Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Collin Clark Fri, 07/24/2009 - 07:50
User Badges:
  • Purple, 4500 points or more

route maps are not a "security feature" so I don't see how using them would make NAT more secure.

Peter Paluch Fri, 07/24/2009 - 07:56
User Badges:
  • Cisco Employee,

Hi,


I don't think using route-maps with NAT provides more security. You use route-maps with NAT mostly to test the traffic for criteria that can't be matched using ACLs. For example, if you have two ISPs and each has given you a different pool of public addresses, you must take care to translate your internal addresses to the respective pool, depending on what ISP will you send the packets to. In this case, you can use the route map to match the outgoing interface or the next hop IP address to decide which pool will you use. You would not be able to do this just using ACLs.


Of course, if there are any other opinions I would love to hear them as well.


Best regards,

Peter


Actions

This Discussion