Hello,

Runing a 3560 on IOS c3560-ipservices-mz.122-25.SEE3.bin (which states PBR is available in Feature Navigator), and also with routing SDM template.

SLHX3530#sh sdm prefer

The current template is "desktop routing" template.

The selected template optimizes the resources in

the switch to support this level of features for

8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 3K

number of IPv4 IGMP groups + multicast routes: 1K

number of IPv4 unicast routes: 11K

number of directly-connected IPv4 hosts: 3K

number of indirect IPv4 routes: 8K

number of IPv4 policy based routing aces: 512

number of IPv4/MAC qos aces: 512

number of IPv4/MAC security aces: 1K

However, it will not allow the below route-map config to be used in a PBR statement when applied to a layer-3 physical interface:

!

route-map STIG-traffic-to-FW permit 10

match ip address 2

set ip next-hop 10.247.250.142

set interface Null0

!

access-list 2 remark For_STIG_traffic_route_map_to_FW

access-list 2 permit any

!

int f0/8

ip address 10.139.145.13 255.255.255.248

ip policy route-map STIG-traffic-to-FW

!

The below error message appears:

000064: May 7 18:45:22: %PLATFORM_PBR-3-UNSUPPORTED_RMAP: Route-map STIG-traffi

c-to-FW not supported for Policy-Based Routing

It will only accept the below route-map:

route-map STIG-traffic-to-FW permit 10

set ip next-hop 10.247.250.142

This seems to semi-work, with mixed results. It does not however allow full design needed. Can anyone advise why this doesn't work with the IOS/config above, and if there is a quick easy solution (upgrade to a different IOS level with proven results)?

Thanks

Phil