Hi Ahmed,

Really didn't get what you want to do, Could you clearily tell us your requirement?

Regards,

Manouchehr

Hi,

For performing PBR on cisco 3750 switches you will need to change the SDM template settings from desktop routing to routing.

Then it should perform proper PBR for you.

Regards,

Pawan Sharma

http://www.ebrahma.com

well.. not really... even if he changes to routing-pbr (provided this sdm is not already in use) his PBR will not work as it cannot work this way

I hope you have an idea about the VLAN's and the VLAN configuration I have. Basically what I need to do is to introduce a link from a cisco 2960 (one of the distribution switch - above I have explained how the network looks like) to a dumb DLink switch which will have PC's which need to connect to both cooperative and guest networks,

therefor I am trying to introduce a new VLAN other than the three existing, and I am calling the new VLAN VLAN40, and all what I want is to route the pakets going to the VLAN 40 using the IP ranges, 192.168.1.x should be routed to VLAN 999 and from the ip range 10.172.4.x to VLAN 20. How can I do it?

Here is a short breif of the VLAN's and why I use it:

VLAN 100 is the management VLAN i use for managing the switches

VLAN 999 is the VLAN i use at office for office purposes

VLAN 20 is the VLAN i use for guests internet

and VLAN 40 is the new VLAN where I want the routing to happen

Dear Ahmed,

as I said PBR is used to route traffic COMING FROM a given vlan/subnet and not TO.

Also, as per your initial post, 192.168.1.x is an address belonging to vlan999 and 10.172.4.x to VLAN 20 already... what do you mean that you want to route traffic of vlan 999 to vlan 999 (and traffic of vlan 20 to vlan 20)?

If you want to have routing in vlan 40 too, first you need to create a SVI with an IP address on your 3750, with an IP scheme different from the other vlans. Have you done that?

I have the impression, as I already pointed out, that you need to approach PBR basics before trying to configure it.

Riccardo

well I have done that

Here are the configurations for vlan 20 and vlan 999

interface Vlan999

description Office

ip address 192.168.1.123 255.255.255.0

interface Vlan20

description Guest

ip address 10.172.4.1 255.255.255.0

and for the routing stuff I used PBR since I found that was the easiest way to do it on 3750, I may not know the best as you know but here is what I did and all what I am asking you is for a solution, what I am doing here is lets say fast etherenet port 4 of a 2960 is on vlan 40 :| and that is connected to a dlink dumb switch (layer1) and it has pc's which has ip ranges 192.168.1.x and 10.172.4.x. and so want to route the packets going to vlan 40 using the ip ranges. I hope you understand what I mean now

Access-list 110 permit ip 10.172.4.0 0.0.0.255 any

access-list 120 permit ip 192.168.1.0 0.0.0.255 any

route-map INT_RVLAN permit 10

  match ip address 120 110

  set ip next-hop 192.168.1.123 10.172.4.1

interface VLAN 40

  ip policy route-map INT_RVLAN

Ahmed,

unfortunately I still don't understand what you mean and what you are trying to do...

you did not configure any IP address on interface vlan 40! PBR is a L3 feature, meaning that is has to do with routing. If vlan 40 has no IP address configured, no routing can occur at this point (beside the fact that also from a sintax point of your your PBR is not correct).

I think we have to start from the basics here.

If you need help please answer to all the questions below:

1. What are the IP addresses of the hosts connected in vlan 40 on the 2960 (IP address plus subnet mask please)?

2. What is the deafult gateway of vlan 40? It should be interface vlan40 of the 3750, but since I don't see any IP address on previous post you must tell us. Also what is the IP address of the dg in vlan40?

3. Do the hosts in vlan40 need connectivity to all other hosts in other vlans?