ACL on ROUTER?

Unanswered Question
Jul 24th, 2010
User Badges:

if i apply acl on some router a, and i block one ip from internal network, then i use nat on that router,nat will change that ip to public ip ,then how can i block that using my previous access list?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Sun, 07/25/2010 - 23:59
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

if i apply acl on some router a, and i block one ip from internal network, then i use nat on that router,nat will change that ip to public ip ,then how can i block that using my previous access list?

Hi,


If you apply acl in local lan interface for private ip if the source match for deny then it will not go for internet traffic for natting.


Hope to Help !!


Ganesh.H


Remember to rate the helpful post

Panos Kampanakis Mon, 07/26/2010 - 07:25
User Badges:
  • Cisco Employee,

If you know what the internal private ip will be translated to you can create a new ACL for the inbound traffic applied on the outside interface. But that will work if the internal ip is natted and if it is not overload PATted to the global.


PK

Actions

This Discussion