I'm trying to accomplish the following scenario with a PBR. Please do share your thoughts if the approach I'm taking can accomplish this.
Basically I want some workstations in my LAN to not be able to reach several IP addresses that are hosted in another country. Now I tried VLAN access maps with the usual ACL to deny all these IPs, but somehow they just didn't do a good job (probably trunking issues on the edge switches).
What I was thinking is:
- Create a new VLAN with a new scope.
- Create an ACL with the permit statements for the remote IPs.
- Create a PBR which sends any attempts to these remote IPs to a null interface.
- Have this policy-route tied to the newly created VLAN.
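
The four steps listed above, sketched as Cisco IOS configuration. This is an added example, not part of the original post; the VLAN number, the addresses (documentation ranges) and the names BLOCKED-REMOTE and DROP-REMOTE are assumptions.

```cisco
! Constructed example: VLAN 50, 10.50.0.0/24 and the 203.0.113.0/24 and
! 198.51.100.7 destinations are placeholders, not values from the post.
!
! ACL: "permit" here means "select for the policy", not "allow the traffic".
ip access-list extended BLOCKED-REMOTE
 permit ip any 203.0.113.0 0.0.0.255
 permit ip any host 198.51.100.7
!
! Route-map: traffic matching the ACL is forwarded to Null0 (discarded).
! Packets that match no sequence fall through to normal routing.
route-map DROP-REMOTE permit 10
 match ip address BLOCKED-REMOTE
 set interface Null0
!
! Stop the router from answering discarded packets with ICMP unreachables.
interface Null0
 no ip unreachables
!
! Apply the policy to packets arriving on the SVI of the new VLAN.
interface Vlan50
 ip address 10.50.0.1 255.255.255.0
 ip policy route-map DROP-REMOTE
!
! Verification (exec mode):
!   show ip policy
!   show route-map DROP-REMOTE
!   show ip access-lists BLOCKED-REMOTE
```

The policy only sees packets that are routed through this SVI, so the restricted workstations need it as their default gateway. The match counters in the `show` output confirm whether traffic is actually hitting the route-map.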