First, I apologize for the confusing post, but I'm scratching my head at 
the moment and could use another set of eyes.
I have a question about using different NAT pools, decided by policy-based 
routing.
Everything I've read on Cisco's site seems to indicate that this will work, 
but for some reason, it's not.
Any advice on the subject is appreciated.

Nomenclature (obviously not the real addresses):
ISP1 addresses are represented by 1.1.1.x and 2.2.2.x.
ISP2 addresses are represented by 3.3.3.x.
Target addresses are represented by 4.4.4.x.

Explanation of what I want to do:
I have two distinct connections to the Internet, one off of Ethernet0/1 and 
the other off of Serial0/0.
NAT inside range is 10.1.1.x /24.
I want all clients connecting to addresses 4.4.4.1 and 4.4.4.2 to use a NAT 
pool associated with E0/1 and route through E0/1.  All other Internet 
traffic should use the NAT pool associated with S0/0 and route through S0/0.

The sample config below routes traffic appropriately, but only obtains the 
NAT addresses from the ISP1-pool no matter the destination.  The end result 
is that traffic outbound to ISP2 is natted to an ISP1 address...something I 
definitely don't want.

Pertinent Router Config:

interface E0/0
  description Private Inside
  ip address 10.1.1.1 255.255.255.0
  ip nat inside
!
interface Serial0/0
  description ISP 1
  ip address 2.2.2.1 255.255.255.252
  ip nat outside
!
interface E0/1
  description ISP2
  ip address 3.3.3.1 255.255.255.224
  ip nat outside
!
ip nat pool ISP1-pool 1.1.1.1 1.1.1.3 netmask 255.255.255.248
ip nat inside source route-map ISP1-map pool ISP1-pool
ip nat pool ISP2-pool  3.3.3.3 3.3.3.6 netmask 255.255.255.224
ip nat inside source route-map ISP2-map pool ISP2-pool
ip route 0.0.0.0 0.0.0.0 2.2.2.2
ip route 4.4.4.1 255.255.255.255 3.3.3.2
ip route 4.4.4.2 255.255.255.255 3.3.3.2
!
access-list 100 permit ip any host 4.4.4.1
access-list 100 permit ip any host 4.4.4.2
access-list 101 deny ip any host 4.4.4.1
access-list 101 deny ip any host 4.4.4.2
access-list 101 permit ip any any
route-map ISP1-map permit 10
  match ip address 100
  match interface Ethernet0/1
route-map ISP2-map permit 20
  match ip address 101
  match interface Serial0/0

Thanks in advance,
Craig
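
The route-map section above, rearranged as an added example that is not part of the original post: each route-map's match clauses are paired with the pool of the provider its name refers to, following the intent stated in the post (4.4.4.1 and 4.4.4.2 via E0/1 with ISP2-pool, everything else via S0/0 with ISP1-pool). It assumes the interfaces and static routes stay as posted; whether this alone accounts for the behaviour reported is not confirmed by the post.

```cisco
! Added example, built only from the names and placeholder addresses in the post.
! Interfaces, pools, static routes and ACLs are unchanged; only the
! route-map bodies differ from the posted config.
!
! As posted, each map matched the other provider's ACL and interface:
!   route-map ISP1-map permit 10 : match ip address 100 / match interface Ethernet0/1
!   route-map ISP2-map permit 20 : match ip address 101 / match interface Serial0/0
!
ip nat pool ISP1-pool 1.1.1.1 1.1.1.3 netmask 255.255.255.248
ip nat pool ISP2-pool 3.3.3.3 3.3.3.6 netmask 255.255.255.224
ip nat inside source route-map ISP1-map pool ISP1-pool
ip nat inside source route-map ISP2-map pool ISP2-pool
!
! ACL 100: the two targets that are routed out Ethernet0/1 (ISP2)
access-list 100 permit ip any host 4.4.4.1
access-list 100 permit ip any host 4.4.4.2
! ACL 101: everything except those two targets
access-list 101 deny ip any host 4.4.4.1
access-list 101 deny ip any host 4.4.4.2
access-list 101 permit ip any any
!
! ISP1-pool is selected for non-target traffic leaving Serial0/0
route-map ISP1-map permit 10
 match ip address 101
 match interface Serial0/0
!
! ISP2-pool is selected for target traffic leaving Ethernet0/1
route-map ISP2-map permit 20
 match ip address 100
 match interface Ethernet0/1
```

`show ip nat translations` lists the inside global address chosen for each flow, which shows which pool a given destination drew from.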
  
