Cisco Support Community
New Member

Policy Based Routing, or something

Hi, I can't seem to wrap my head around this one.

I have a remote subnet (172.27.40.0/23) that connects back to our main location where our internet service originates. Our local network is 172.27.8.0/21.

The remote router is 172.27.40.1 and its only route is the default route back to the main location through its "outside" interface.

The local router (172.27.12.2) has multiple statements, as several other remote sites come through it as well. There is one route to send traffic bound for 40.0/23 to 40.1, and one to send all other traffic to our main 6509 core (172.27.15.1). From there traffic gets routed to the internet.

We've installed a Sonicwall on a new internet connection at 172.27.12.200. My issue is I would like to send all internet traffic from the 40.0 subnet to the Sonicwall (Blech on that BTW) as a test. A test I'll have to un-do when we go live, I might add.

Any thoughts on an easy way to do this?

Thanks for any help. I can post configs, etc. if that will help.

Accepted Solutions
Hall of Fame Super Bronze

Re: Policy Based Routing, or something

PBR (Policy Based Routing) is what you need. You will have to configure the 172.27.12.2 router with the following at the ingress connection from the remote network.

First, let's create the ACL for interesting traffic.

ip access-list extended NETPRO
 deny ip 172.27.40.0 0.0.1.255 [your location network subnets]
 permit ip 172.27.40.0 0.0.1.255 any

Then, we create the route-map to match the traffic and change the next-hop only on default route.

route-map NETPRO permit 10
 match ip address NETPRO
 set ip default next-hop 172.27.12.200

And finally, we apply the policy at the ingress interface:

interface s0/0
 ip policy route-map NETPRO

HTH,
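
The forwarding decision this configuration produces on 172.27.12.2, modelled in Python as an added example (not code from the thread or from Cisco). LOCAL_NETS fills the `[your location network subnets]` placeholder with the poster's 172.27.8.0/21 as an assumption, and the routing table, including the 172.27.50.0/24 site, is constructed.

```python
import ipaddress

net = ipaddress.ip_network
REMOTE = net("172.27.40.0/23")        # remote subnet from the thread
LOCAL_NETS = [net("172.27.8.0/21")]   # assumed value for the ACL placeholder
SONICWALL = "172.27.12.200"           # set ip default next-hop target
CORE = "172.27.15.1"                  # 6509 core, existing default route

# Constructed routing table for 172.27.12.2 as (prefix, next hop).
# The 172.27.50.0/24 entry is a made-up second remote site.
ROUTES = [
    (net("172.27.40.0/23"), "172.27.40.1"),
    (net("172.27.50.0/24"), "172.27.50.1"),
    (net("0.0.0.0/0"), CORE),
]

def acl_netpro(src, dst, local_nets):
    """Evaluate ACL NETPRO for one packet; True means 'permit'."""
    if src not in REMOTE:
        return False                  # implicit deny at the end of the ACL
    if any(dst in n for n in local_nets):
        return False                  # deny line: leave to normal routing
    return True                       # permit ip 172.27.40.0 0.0.1.255 any

def longest_match(dst):
    """Longest-prefix match over ROUTES; returns (prefix, next hop)."""
    hits = [r for r in ROUTES if dst in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen)

def next_hop(src, dst, local_nets=LOCAL_NETS):
    """Next hop for a packet arriving on the interface with the policy."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    prefix, hop = longest_match(dst)
    # 'set ip default next-hop' takes effect only when the routing table has
    # no explicit route for the destination (only the default route matched).
    if acl_netpro(src, dst, local_nets) and prefix.prefixlen == 0:
        return SONICWALL
    return hop

if __name__ == "__main__":
    for dst in ("203.0.113.10", "172.27.9.10", "172.27.50.5"):
        print(dst, "->", next_hop("172.27.40.10", dst))
    # Same internal destination with the deny line left out of the ACL:
    print("no deny line ->", next_hop("172.27.40.10", "172.27.9.10", local_nets=[]))
```

In this model, internal destinations reached only through the default route stay on the core path solely because of the deny line; with it omitted, that traffic is handed to the test firewall along with the internet traffic.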

3 REPLIES
New Member

Re: Policy Based Routing, or something

I'll give this a shot - thanks for the help.

New Member

Re: Policy Based Routing, or something

BINGO.

That did the trick.

Thanks very much.
