Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
0
Helpful
2
Replies

ACL on ROUTER?

gaurang.malgaonkar
Level 1
Level 1

‎07-24-2010 01:34 AM - edited ‎02-20-2020 09:42 PM

if i apply acl on some router a, and i block one ip from internal network, then i use nat on that router,nat will change that ip to public ip ,then how can i block that using my previous access list?

Labels:
0 Helpful
2 Replies 2

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎07-25-2010 11:59 PM 

if i apply acl on some router a,
 and i block one ip from internal network, then i use nat on that 
router,nat will change that ip to public ip ,then how can i block that 
using my previous access list?

Hi,

If you apply acl in local lan interface for private ip if the source match for deny then it will not go for internet traffic for natting.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

0 Helpful

Panos Kampanakis
Cisco Employee
Cisco Employee

‎07-26-2010 07:25 AM

If you know what the internal private ip will be translated to you can create a new ACL for the inbound traffic applied on the outside interface. But that will work if the internal ip is natted and if it is not overload PATted to the global.

PK

0 Helpful
Customers Also Viewed These Support Documents