Please refer to:
http://www.cisco.com/en/US/tech/tk648/tk367/technologies_configuration_example09186a0080094634.shtml
Document ID: 14144
I am probably missing something here. This is about access-list 122 which is identified in the ip nat inside source list statement on router Daphne.
ip nat inside source list 122 interface Ethernet0/1 overload
access-list 122 deny ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255
access-list 122 deny ip host 10.1.1.3 any
access-list 122 permit ip 10.1.1.0 0.0.0.255 any
This is my confusion: The route-map "nonat" identifies traffic that has a source host address of 10.1.1.3 and sets the next hop to 1.1.1.2.
Policy routing is executed on an interface before NAT is (going inside-to-outside). Therefore, traffic from the host 10.1.1.3 going to 172.16.1.x does not even get the chance to be a part of the NAT process because it is being policy routed to a non-natted interface. So why then have the first two deny statements in access-list 122?
Please let me know if I have missed something...
Thank you!
Scott
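
Added example, not part of the original post or the Cisco document: a small Python evaluator for access-list 122 as quoted above, showing which entry each flow hits under first-match semantics. In a NAT source list a permit selects the flow for translation and a deny leaves it untranslated. The function names and the sample flows are constructed for illustration.

```python
import ipaddress

# access-list 122 exactly as quoted in the post above
ACL_122 = """\
access-list 122 deny ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255
access-list 122 deny ip host 10.1.1.3 any
access-list 122 permit ip 10.1.1.0 0.0.0.255 any
"""
# Constructed sample flows (source, destination); 192.0.2.10 is a documentation address
FLOWS = [("10.1.1.3", "172.16.1.10"), ("10.1.1.3", "192.0.2.10"),
         ("10.1.1.5", "172.16.1.10"), ("10.1.1.5", "192.0.2.10"),
         ("10.2.2.2", "192.0.2.10")]

def _addr_spec(tokens):
    """Consume one spec (any | host A | A WILDCARD); return (addr, wildcard) as ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse_acl(text):
    """Parse 'access-list N permit|deny ip SRC DST' lines into ordered entries."""
    entries = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 5 or tokens[0] != "access-list" or tokens[3] != "ip":
            continue
        action, rest = tokens[2], tokens[4:]
        src = _addr_spec(rest)
        dst = _addr_spec(rest)
        entries.append((action, src, dst))
    return entries

def _match(ip, spec):
    addr, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF  # wildcard bit 1 = ignore, bit 0 = must match
    return (ip & care) == (addr & care)

def evaluate(entries, src, dst):
    """First match wins; returns (action, entry number). No match is the implicit deny."""
    s, d = int(ipaddress.IPv4Address(src)), int(ipaddress.IPv4Address(dst))
    for n, (action, sspec, dspec) in enumerate(entries, 1):
        if _match(s, sspec) and _match(d, dspec):
            return action, n
    return "deny", None

def nat_candidates(entries, flows):
    """Flows the ACL permits, i.e. the ones the overload rule would translate."""
    return [(s, d) for s, d in flows if evaluate(entries, s, d)[0] == "permit"]
```

Calling `nat_candidates(parse_acl(ACL_122), FLOWS)` lists the flows the ACL would hand to NAT; `evaluate` reports which numbered entry decided each one.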