I have a Cisco 1811 router with DSL connected to FastEthernet0 and Cable connected to FastEthernet 1. The DSL is only used when the cable connection goes down, but I would like to have the ability to telnet to the router on both the DSL IP and the Cable IP.
The default route sends traffic out the Cable connection. For testing I have removed all firewalls statements and access-lists from FastEthernet0. Telnet to the Cable IP works fine, and the vty interface is configured for access. I expect the problem is with routing, as the traffic I'm sending to the DSL IP is likely returning with a source address of the Cable IP.
In order to try to resolve this problem, I configured a route-map and applied it to FastEthernet0. I was hoping by setting the next hop, I would be able to establish a telnet connection to FastEthernet0 using the DSL IP. I still cannot ping the DSL IP though so my route-map does not seem to be accomplishing my intended effect. The applicable configuration is below with private IP addresses substituted for the actual IP addresses.
ip address 192.168.1.70 255.255.255.0
ip verify unicast reverse-path
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
ip tcp adjust-mss 1452
ip policy route-map DSL_RMAP
access-list 106 permit ip host 10.0.0.1 any
access-list 108 permit ip host 192.168.1.70 host 10.0.0.1 log
route-map DSL_RMAP permit 1
match ip address 108
set ip next-hop 192.168.1.1
line vty 0 4
access-class 106 in
privilege level 15
password 7 xxxxxxxxxxxxxx
transport input telnet ssh
Note that a route-map applied on an interface for the policy-based routing applies only to inbound packets - never to outbound packets. Your ACL is obviously made in the opposite direction, as if you wanted to match the packets that are generated by your router and that go out the Fa0. However, these won't be catched by the PBR route-map for two reasons:
1.) It does not apply to packets going out your interface
2.) No PBR route-map or an ACL applied on an interface in the outbound direction applies to locally generated packets
If you want to set up a route-map for packets that are generated by your router, you need to use the "ip local policy route-map" command.