object-group network og-rfc1918
10.0.0.0 /8
172.16.0.0 /12
192.168.0.0 /16
!
ip access-list extended acl-nat
permit ip object-group og-rfc1918 any
!
route-map rm-site-a
match ip address acl-nat
match interface FastEthernet0/0
!
route-map rm-site-b
match ip address acl-nat
match interface FastEthernet1/0
!
ip nat inside source route-map rm-site-a interface FastEthernet0/0 overload
ip nat inside source route-map rm-site-b interface FastEthernet1/0 overload
This keeps things a bit simpler because the router can rely on the routing table to figure out which NAT table to use based on the destination rather than hard-coding the destination into the ACLs.
