Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2441
Views
0
Helpful
3
Replies

what will be the first - nat or access-list

Go to solution
yarik_ya
Level 1
Level 1

‎10-18-2002 01:52 PM - edited ‎03-02-2019 02:12 AM

so i have such config:

interface Loopback0

ip address 192.168.0.1 255.255.255.0

no ip directed-broadcast

!

interface Ethernet0

ip address X.X.X.X 255.255.255.248

..................................................................

!

interface Group-Async1

description Group of 1 through 16 Async interfaces

ip unnumbered Loopback0

no ip redirects

no ip directed-broadcast

ip nat inside

encapsulation ppp

ip tcp header-compression passive

async mode interactive

no snmp trap link-status

peer default ip address pool modem

no cdp enable

ppp authentication pap

group-range 1 16

!

ip local pool modem 192.168.0.2 192.168.0.18

ip nat pool modem_over X.X.X.X X.X.X.X netmask 255.255.255.248

ip nat inside source list 10 pool modem_over overload

access-list 10 remark for_modem_nat_inside

access-list 10 permit 192.168.0.0 0.0.0.255

access-list 110 permit ip any host X.X.X.X

access-list 110 permit ip any 192.168.0.0 0.0.0.255

So i have access-list 110 and such statement access-list 110 permit ip any 192.168.0.0 0.0.0.255, So when the e0 receving the packet, what will be the first - nat or access-list statement , it's rather interesting

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
steve.barlow
Level 7
Level 7

‎10-18-2002 02:27 PM

Order: first input access list, then nat, then output access list.

This link explains the order: http://www.cisco.com/warp/public/556/5.html

Hope it helps.

Steve

View solution in original post

0 Helpful
3 Replies 3

Go to solution
steve.barlow
Level 7
Level 7

‎10-18-2002 02:27 PM

Order: first input access list, then nat, then output access list.

This link explains the order: http://www.cisco.com/warp/public/556/5.html

Hope it helps.

Steve

0 Helpful

Go to solution
yarik_ya
Level 1
Level 1
In response to steve.barlow

‎10-18-2002 02:37 PM

Thanks a lot

0 Helpful

Go to solution
RIKLEF GRAETSCH
Level 1
Level 1
In response to steve.barlow

‎01-12-2017 04:39 AM

Hello,

sorry for activating this old thread, but how is the order in new ASA 9.5 version?

Regards

Riklef

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents