Configuring NAT, ACL, and Static Routing on a Router
This guide demonstrates how to configure NAT with an ACL, set up internal and external interface IP addresses, define a default static route, and create an ACL‑based traffic policy to block specific internal hosts from accessing a given external IP address.
This example shows how to configure a NAT ACL (number 2000) that permits the internal subnet 192.168.0.0/24 to be translated, and assigns the internal gateway address on Ethernet0/0/1 as 192.168.0.1 255.255.255.0 .
The external interface GigabitEthernet0/0/1 is given the IP 200.100.1.2 255.255.255.0 , and NAT outbound is enabled on this interface with the previously defined ACL 2000 using the Easy IP method.
A default static route is added to forward all traffic to the next‑hop 200.100.1.1 , ensuring the outbound interface can reach external networks.
To block PCs in the range 192.168.0.16‑192.168.0.31 from accessing 211.1.1.6 , an ACL (number 3000) is created with a deny rule, then a traffic classifier c1 matches this ACL, a traffic behavior b1 denies the traffic, and a traffic policy p1 applies the classifier and behavior to inbound traffic on Ethernet0/0/1 .
Practical DevOps Architecture
Hands‑on DevOps operations using Docker, K8s, Jenkins, and Ansible—empowering ops professionals to grow together through sharing, discussion, knowledge consolidation, and continuous improvement.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.