SDM NAT config with 1 web server

Unanswered Question
Jun 10th, 2010

I was playing around with SDM's NAT creator using dynamic NAT with one web server on the LAN.  It made this config:

ip nat inside source route-map SDM_RMAP_1 interface Serial0 overload
ip nat inside source static tcp 192.168.1.213 80 xxx.xxx.xxx.xxx 80 extendable

access-list 100 remark SDM_ACL Category=2
access-list 100 deny   tcp host 192.168.1.213 eq www any
access-list 100 deny   ip 192.168.1.0 0.0.0.255 192.168.9.0 0.0.0.255
access-list 100 deny   ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

route-map SDM_RMAP_1 permit 1
match ip address 100

I understand everything but the first deny in the ACL.  It's saying "don't NAT anything from the web server going to port 80."  Why?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion