Is there a way to send traffic from a particular subnet, 172.22.0.0/16 for example, to a particular server for a specific service?
I'll explain more: at my organization the security guys use Trend Micro as our virus/trojan protection etc. We currently have just one server, but they are adding two more and would like to know if we could put a policy in place to send particular traffic to a given server for just Trend Micro traffic. This is currently done with the one server with a registry edit pointing to the server.
I know we could implement this with a L4 load-balancing product, but is there a way to direct traffic similarly, without it, to that level of detail?
Thanks in advance.
Yes, you can use PBR (policy-based routing).
Source = 172.22.0.0/16
Destination server(s) = 192.168.5.10, 192.168.5.20
Service = TCP 4400
! Extended ACL: only TCP 4400 from 172.22.0.0/16 to the two servers is selected.
! The wildcard mask 0.0.255.255 is the inverse of /16; implicit deny for everything else.
access-list 101 permit tcp 172.22.0.0 0.0.255.255 host 192.168.5.10 eq 4400
access-list 101 permit tcp 172.22.0.0 0.0.255.255 host 192.168.5.20 eq 4400
!
! Route-map: packets permitted by ACL 101 are sent to the policy next hop;
! packets that do not match fall through to normal destination-based routing.
route-map PBR permit 10
 match ip address 101
 set ip next-hop x.x.x.x
!
! Apply the policy on the interface where the 172.22.x.x traffic enters the router.
interface FastEthernet0/0
 ip policy route-map PBR
1) The next hop (x.x.x.x) must be reachable from this router.
2) fa0/0 in the above example is the interface on which packets with a source address of 172.22.x.x arrive.
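To check what the ACL and route-map above actually select before touching a production router, here is a small simulator of that decision, written as an added example and not taken from the answer or from any vendor code. It parses the two access-list lines verbatim, applies IOS wildcard-mask semantics (0 bit = must match, 1 bit = don't care) with first-match/implicit-deny evaluation, and returns the policy next hop for permitted packets and None for everything else. The next hop 192.168.5.1, the sample packets, and the ACL 102 used in the usage check are assumptions for illustration.

```python
"""Simulate the extended ACL + route-map PBR decision from the answer above.

Added illustration, not the answer's own code. It evaluates IOS-style
wildcard masks and the first-match/implicit-deny ACL rule, then returns the
policy next hop for permitted packets and None for everything else (which
would fall back to ordinary destination-based routing).
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp" or "icmp"
    dport: Optional[int] = None


@dataclass(frozen=True)
class AclEntry:
    action: str                # "permit" or "deny"
    proto: str                 # "ip" matches any protocol
    src: str
    src_wc: str
    dst: str
    dst_wc: str
    dport: Optional[int]       # None when the line has no "eq <port>"


def wildcard_match(addr: str, network: str, wildcard: str) -> bool:
    """IOS wildcard mask: 0 bit = must match, 1 bit = don't care.
    172.22.0.0 0.0.255.255 therefore equals 172.22.0.0/16."""
    a = int(ipaddress.IPv4Address(addr))
    n = int(ipaddress.IPv4Address(network))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (n & care)


def _parse_addr(toks, i):
    """Parse 'any', 'host A.B.C.D' or 'A.B.C.D W.X.Y.Z' starting at toks[i]."""
    if toks[i] == "any":
        return "0.0.0.0", "255.255.255.255", i + 1
    if toks[i] == "host":
        return toks[i + 1], "0.0.0.0", i + 2
    return toks[i], toks[i + 1], i + 2


def parse_acl_line(line: str) -> AclEntry:
    """Parse one 'access-list N permit|deny PROTO SRC DST [eq PORT]' line.
    Only numeric ports are handled (named ports such as 'eq www' are not)."""
    toks = line.split()
    if toks[0] != "access-list":
        raise ValueError(f"not an access-list line: {line!r}")
    action, proto = toks[2], toks[3]
    src, src_wc, i = _parse_addr(toks, 4)
    dst, dst_wc, i = _parse_addr(toks, i)
    dport = int(toks[i + 1]) if i < len(toks) and toks[i] == "eq" else None
    return AclEntry(action, proto, src, src_wc, dst, dst_wc, dport)


def acl_permits(acl, pkt: Packet) -> bool:
    """Top-down, first match wins; an unmatched packet hits the implicit deny."""
    for e in acl:
        if e.proto != "ip" and e.proto != pkt.proto:
            continue
        if not wildcard_match(pkt.src, e.src, e.src_wc):
            continue
        if not wildcard_match(pkt.dst, e.dst, e.dst_wc):
            continue
        if e.dport is not None and pkt.dport != e.dport:
            continue
        return e.action == "permit"
    return False


def policy_route(acl, next_hop: str, pkt: Packet) -> Optional[str]:
    """route-map PBR permit 10 / match ip address 101 / set ip next-hop:
    permitted packets get the policy next hop; all others return None and
    are routed by the normal routing table."""
    return next_hop if acl_permits(acl, pkt) else None


# The two ACL lines from the answer, parsed verbatim.
ACL_101 = [
    parse_acl_line("access-list 101 permit tcp 172.22.0.0 0.0.255.255 host 192.168.5.10 eq 4400"),
    parse_acl_line("access-list 101 permit tcp 172.22.0.0 0.0.255.255 host 192.168.5.20 eq 4400"),
]
NEXT_HOP = "192.168.5.1"   # assumed value standing in for the answer's "x.x.x.x"


if __name__ == "__main__":
    # Constructed sample packets; only the first one is policy-routed.
    samples = [
        Packet("172.22.10.5", "192.168.5.10", "tcp", 4400),   # matches: PBR
        Packet("172.22.10.5", "192.168.5.10", "tcp", 443),    # wrong port
        Packet("172.23.10.5", "192.168.5.20", "tcp", 4400),   # source outside /16
        Packet("172.22.10.5", "192.168.5.30", "tcp", 4400),   # unlisted server
        Packet("192.168.5.10", "172.22.10.5", "tcp", 51234),  # return traffic
    ]
    for p in samples:
        print(p, "->", policy_route(ACL_101, NEXT_HOP, p) or "normal routing")
```

The last sample packet is the one worth noticing: replies from the server back to 172.22.x.x are not matched by ACL 101, so the policy only steers one direction of the conversation and the return path still relies on the ordinary routing table.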