PBR Help

tamarix (Level 1)

I need to do policy based routing based on the incoming IP address. All the addresses are coming in through a VPN concentrator and will be directed to one IP address on the concentrator's policy; the concentrator will then pass the traffic to a switch running layer 3 code that will do the PBR. The switch will then need to route the traffic to different IP addresses on the same subnet depending on the source IP of the packet. Does anyone have any examples of how to set up a route-map and access list to accomplish this? Thanks!

7 Replies

mmorris11 (Level 4)

What kind of switch are you using?

Cisco 3750

PBR does not work on 3750.

I was told by a Cisco engineer that it would, but if not, I will use whatever kind of switch I need.

Note the information in the following article; it shows PBR being allowed on 3750 switches.

http://www.cisco.com/en/US/customer/products/hw/switches/ps5532/products_configuration_guide_chapter09186a00801ee86e.html

In a similar scenario, I've used the following template:

===============
access-list 101 remark
access-list 101 permit ip 10.10.0.0 0.0.255.255 any
access-list 101 permit ip 10.110.0.0 0.0.255.255 any
route-map WE permit 5
 match ip address 101
 set ip next-hop
===============

Please let me know if this works in your case. There are several other parameters, though, which can be set, such as metric, weight, interface, community, metric-type, tag etc.

Rgds\Satya.
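To make the template above concrete, here is an added example (not code from the thread or from Cisco) that parses the posted access-list and route-map lines and evaluates a packet against them the way the switch does: IOS wildcard-mask matching, ACL entries tried in order with an implicit deny at the end, route-map sequences tried in ascending order, and a permit sequence yielding its next-hop while a non-match falls through to normal routing. The next-hop address 10.10.10.254 and the remark text are assumed placeholders, since the posted template leaves them blank; the three test addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

# Constructed configuration mirroring the template posted in this thread.
# The remark text and the next-hop 10.10.10.254 are assumed placeholders.
CONFIG = """
access-list 101 remark traffic that should be policy-routed
access-list 101 permit ip 10.10.0.0 0.0.255.255 any
access-list 101 permit ip 10.110.0.0 0.0.255.255 any
route-map WE permit 5
 match ip address 101
 set ip next-hop 10.10.10.254
"""


def wildcard_match(addr, network, wildcard):
    """IOS wildcard semantics: a 1 bit in the wildcard means 'don't care'."""
    a, n, w = (int(ipaddress.IPv4Address(x)) for x in (addr, network, wildcard))
    care = 0xFFFFFFFF ^ w          # bits that must match exactly
    return (a & care) == (n & care)


@dataclass
class Ace:
    """One access-list entry: action plus (network, wildcard) for src and dst."""
    action: str
    src: tuple
    dst: tuple

    def matches(self, src_ip, dst_ip):
        return wildcard_match(src_ip, *self.src) and wildcard_match(dst_ip, *self.dst)


def _parse_target(tokens):
    """Consume 'any' or '<network> <wildcard>' from the front of the token list."""
    if tokens[0] == "any":
        return ("0.0.0.0", "255.255.255.255"), tokens[1:]
    return (tokens[0], tokens[1]), tokens[2:]


def parse_config(text):
    """Return ({acl number: [Ace, ...]}, {route-map name: [sequence dicts]})."""
    acls, route_maps, current = {}, {}, None
    for raw in text.splitlines():
        t = raw.split()
        if not t:
            continue
        if t[0] == "access-list":
            if t[2] == "remark":
                continue                      # remarks carry no match logic
            # access-list <n> permit|deny ip <src> [<wc>] <dst> [<wc>]
            src, rest = _parse_target(t[4:])
            dst, _ = _parse_target(rest)
            acls.setdefault(t[1], []).append(Ace(t[2], src, dst))
        elif t[0] == "route-map":             # route-map <name> permit|deny <seq>
            current = {"seq": int(t[3]), "action": t[2], "acl": None, "next_hop": None}
            route_maps.setdefault(t[1], []).append(current)
        elif t[:3] == ["match", "ip", "address"] and current:
            current["acl"] = t[3]
        elif t[:3] == ["set", "ip", "next-hop"] and current:
            current["next_hop"] = t[3]
    for entries in route_maps.values():
        entries.sort(key=lambda e: e["seq"])  # sequences are evaluated in order
    return acls, route_maps


def acl_permits(acl, src_ip, dst_ip):
    """First matching entry decides; no match means the implicit deny."""
    for ace in acl:
        if ace.matches(src_ip, dst_ip):
            return ace.action == "permit"
    return False


def policy_route(acls, route_maps, name, src_ip, dst_ip):
    """Next-hop chosen by the route-map, or None when the packet is routed normally."""
    for entry in route_maps.get(name, []):
        if acl_permits(acls.get(entry["acl"], []), src_ip, dst_ip):
            return entry["next_hop"] if entry["action"] == "permit" else None
    return None


ACLS, ROUTE_MAPS = parse_config(CONFIG)

if __name__ == "__main__":
    # Constructed sample sources, all aimed at the 10.10.10.100 host from the thread.
    for src in ("10.10.5.1", "10.110.0.7", "172.16.72.21"):
        print(src, "->", policy_route(ACLS, ROUTE_MAPS, "WE", src, "10.10.10.100"))
```

Two things worth noticing when you adapt this: the wildcard is the inverse of a subnet mask (0.0.255.255 covers a /16), and a source that matches no sequence is not dropped but simply routed by the normal routing table, which is why a route-map is safe to apply even when the ACL is narrower than all incoming traffic. Note also that the set clause changes only the next hop; the destination address in the packet is left untouched.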

Hi Satya,

Thanks for the response. Let me give you a more specific example of what I am trying to do.

Let's say I have an incoming address of 172.16.72.21 and it is trying to access port 14635 on 10.10.10.100, but as this packet comes in I really need it to access server 10.10.10.112 port 14635. Now I also have an address coming in of 192.168.101.211 that needs to access 10.10.10.100 port 15321. These addresses are all coming into my network via LAN-to-LAN VPN tunnels. I only want to have one or two IPs in my local encryption domain list, but I need to be able to point them to a number of other addresses on the same subnet, not on a different port on the router.

Hope this example makes sense!

Thanks

Doug
