SDM NAT config with 1 web server

Unanswered Question
Jun 10th, 2010
User Badges:

I was playing around with SDM's NAT creator using dynamic NAT with one web server on the LAN.  It made this config:

ip nat inside source route-map SDM_RMAP_1 interface Serial0 overload
ip nat inside source static tcp 80 80 extendable

access-list 100 remark SDM_ACL Category=2
access-list 100 deny   tcp host eq www any
access-list 100 deny   ip
access-list 100 deny   ip

access-list 100 permit ip any

route-map SDM_RMAP_1 permit 1
match ip address 100

I understand everything but the first deny in the ACL.  It's saying "don't NAT anything from the web server going to port 80."  Why?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion