> Which is why you can do cool tricks with "bounce over loopback" :)
> (even if half of them woulnd't be necessary if static NAT mappings
> could take an ACL for "only for *these* destinations, please!").
You mean like you can do with a route map? Ala:
ip nat inside source static 192.168.x.y a.b.c.d route-map
OnlyNATThis extendable
route-map OnlyNATThis permit 10
match ip address OnlyNATThisACL
ip access-list extended OnlyNATThisACL
permit ip host 192.168.x.y host e.f.g.h
Works for me...
B.
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
