I have a PBR and NAT configuration in one of the core switch interfaces as follows:
 ip address 172.24.22.251 255.255.255.0
 standby 22 ip 172.22.254
 standby 22 priority 110
 standby 22 preempt
 ip policy route-map PROXY
 ip nat inside
interface gig 3/48
 ip address 192.168.1.100 255.255.255.0
 ip nat outside
ip access-list extended PROXY
 permit tcp host 172.24.22.25 any eq 80
 permit tcp host 172.24.22.25 any eq 443
route-map PROXY permit 10
 match ip address PROXY
 set ip next-hop 192.168.1.1
ip nat inside source list PROXY interface G3/48 overload

What I am trying to do here is to direct the users on any VLAN to the Proxy inside VLAN (VLAN 22), and then direct the proxy traffic to a dedicated internet link that is connected to the core switch. However, a NAT rule needs to be applied first so that the internet modem sees the Proxy with a specific IP address.
I need to make sure that the above configuration is workable and to understand which takes precedence over the other, PBR or NAT.
Appreciate your feedback.