Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT pool configuration question

Hi all,


I would like to know how can I compute for a wild card mask for this hosts? /24 - /24


I have created a nat pool that translates addresses above to -


R3#show access-list
Extended IP access list traders
    10 permit ip any
R3#sh run | s nat
ip nat pool my_traders prefix-length 24
ip nat inside source list traders pool my_traders to works, it's only .8 that doesn't, how can I cover it?



thanks all,




Hi there,the wildcard mask

Hi there,

the wildcard mask you are using your ACL 'traders' only covers the IP range - 7 . Either increase the size of the mask by one bit ( to cover the range - 15 , or (preferably) list each IP induvidualy:


permit ip any

permit ip any


permit ip any




Community Member

Hi Seb, What I need to do is

Hi Seb,


I was able to resolve, although I would like to know if I can further aggregate or summarize acls?

R3#sh run | s users
ip nat pool users prefix-length 24
ip nat inside source route-map my_users pool users overload
route-map my_users permit 10
 match ip address lan
R3#show access-list lan
Extended IP access list lan
    10 permit ip any (2 matches)
    20 permit ip any (1 match)
    30 permit ip any
    40 permit ip any

Also should the prefix length in the NAT statement be equal to the subnet mask of the inside local address?





Community Member

  Hello my friend Wtih this



Hello my friend


Wtih this access-list, you can't cover adress, but you in you access-list, you cant add this command:


ip extended access-list traders

20 permit ip any   (or 20 permit host any)


this command will premit host wih adress to out you network


" please do not make fun of me, I know my English poor"

CreatePlease to create content