I have a vpn to a remote site and I want to redirect traffic on port 80 to a host on that network. I tried doing a route map like this:
access-list 101 deny tcp any 172.17.16.0 0.0.0.255
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq 443
route-map bluecoat permit 10
match ip address 101
set ip next-hop 172.17.16.45
set ip default next-hop 172.17.16.45
ip policy route-map bluecoat
Where Eth0/0 is the ingress port, but it doesn't appear to be applied, since hosts can still get to any web site.
The 172.17.16.45 host is on the other side of a vpn. I can get to hosts on both sides of the vpn. I can't ping that host from the router though.