After OER enabled, randomly unable to ping or SSH into router.

Unanswered Question
Mar 24th, 2008
User Badges:


We currently have a multihomed Cisco 1811 running IOS 12.4.

FastEthernet0 (FE0) is assigned from ISP-A. FastEthernet1 (FE1) is assigned from ISP-B.

OER is configured and working well.

The problem I have is sometimes (randomly) various remote networks are unable to ping or SSH into the Router itself using ISP-A ( They have to use ISP-B ( Sometimes it is vice-versa.

I am assuming that this is caused by the OER algorithm setting a static route to the various destination networks.

I can set up a local policy to force any connections destined for FE0 to go back out FE0.


I can set up a local policy to force any connections destined for FE1 to go back out FE1.


I have been unable to determine how to create a local policy so that both FE0 and FE1 behave this way "simultaneously".

My question is:

1. Is it possible to set a local policy such that when a connection enters FE0, it is routed back through FE0 and when a connection enters FE1 it is routed back through FE1?

Thanks in advance.

Riaz Oosman

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
shailendra.singh Tue, 03/25/2008 - 00:07
User Badges:

Yes, Why not? You can use " match input-interface" in the route-map for this.



gfwireless Tue, 03/25/2008 - 05:10
User Badges:

Hi Shailendra,

Thanks for the reply.

I was unable to find "match input-interface" in a regular route-map statement. I did however find that it was applicable in a QOS class-map. Is this what you are referring to?


Riaz Oosman

gfwireless Mon, 04/07/2008 - 07:10
User Badges:


Doing a little more research I believe I have solved my problem.

Global IP for FE0 is, default GW is

Global IP for FE1 is, default GW is

Here are the pertinent config entries that I created:

access-list 170 permit ip host any

access-list 171 permit ip host any


route-map equal-access permit 10

match ip address 170

set ip next-hop


route-map equal-access permit 20

match ip address 171

set ip next-hop


ip local policy route-map equal-access

This has been on a production router for several days now and we have not had any problems. If anyone sees a security or access issue, please post any corrections. Thanks.



This Discussion