ACL and reverse-nat

yoyo_the_king
Level 1

Hi All,

I want to apply PBR on an ADSL router (1800 series) to the return packets for a user in the LAN behind a firewall.

So I create an ACL whose criterion is the destination IP address of this user.

As the access is ADSL, all IPs are hidden behind the public IP address.

So the return packet comes with the public IP as its destination address.

The question is: is the ACL checked before reverse NAT? If so, the ACL with the user's IP as criterion will never match.

Or is the ACL checked after reverse NAT?

Thanks for your help.

1 Reply

Atif Awan
Cisco Employee

As per the documented NAT order of operations at:

http://www.cisco.com/application/pdf/paws/6209/5.pdf

NAT should happen before PBR so you should be able to use the subscriber's internal IP Address as the destination IP in your PBR ACL. It should not take much time to test it out first in a controlled manner.

Atif
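
An added IOS configuration example, not part of the thread, showing the setup the reply describes: the policy is applied inbound on the NAT outside interface and its ACL matches the user's inside address as the destination. All addresses, interface names, ACL numbers and the route-map name are assumptions chosen for illustration.

```cisco
! Constructed example: every address and name below is a placeholder.
!   192.168.1.50  = the LAN user's inside (pre-NAT) address
!   192.168.1.254 = the LAN firewall, used as the PBR next hop
!
! PAT: all LAN hosts are hidden behind the public address on Dialer0
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
!
! PBR ACL: the destination is the user's inside address, which is what the
! packet carries if outside-to-inside NAT runs before policy routing
access-list 101 remark return traffic to the LAN user
access-list 101 permit ip any host 192.168.1.50
!
route-map PBR-RETURN permit 10
 match ip address 101
 set ip next-hop 192.168.1.254
!
interface Dialer0
 description ADSL uplink
 ip nat outside
 ip policy route-map PBR-RETURN
!
interface FastEthernet0/0
 description LAN
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
! Controlled test, as the reply suggests: generate traffic from the user, then
!   show ip nat translations     (confirms the inside local address in use)
!   show route-map PBR-RETURN    (the policy routing match counter should rise)
!   debug ip policy              (lab only: per-packet policy match or reject)
! If the match counter stays at zero while return traffic is flowing, the ACL
! is being compared against the public address on this software release.
```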
