need help with route maps

Unanswered Question
Apr 24th, 2008

we currently have 2 asa's 5505 and a 5510 each connected to a isp which connect inside to a single 3640 we have the default route set to go out one isp and vpn traffic to go out the other. we have some route map polies in place for specific machines running web services to go out the non-default route. Those specific machines when accessed internally on the same ports fail since it's sending the traffic out using the route-map is there a way to filter these machines to send the traffic the appropriate directions.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
m-haddad Thu, 04/24/2008 - 12:52


Create a new ACL that matches traffic from those Webservers to the destinations/subnets that do not have to be routed through the Route-map.

Then add the below to the route-map

route-map xxxxx deny 1

match ip address "ACL Created above"

This will deny traffic matching the ACL to be policed.

Hope this helps,

Appreciate your rating,

t814687 Thu, 04/24/2008 - 12:58

Would be nice to have a quick topology diagram and explain what exact hosts need to go where. Then we can go over your config.


This Discussion