hi thanks,

i have 2 FE0/0 (10.10.0.0) , FE0/1 (192.168.0.0), should i apply the policy on both (ip policy route-map dialer)?

thanks!

Thanks!

your configuration works fine now.

only 1 question, both network dont see each other? is that true or i have done something wrong?

if it's true, anyway to make them see each other?

thanks.

Modify the previous configuration like this

p nat inside source list 100 interface Dialer1 overload

ip nat inside source list 110 interface Dialer2 overload

access-list 100 remark *** ACL for Dialer 1

access-list 100 deny ip 10.10.10.0 0.0.0.255 192.168.0.0 0.0.255.255

access-list 100 permit ip 10.10.10.0 0.0.0.255 any

access-list 110 remark *** ACL for Dialer 2

access-list 110 deny ip 192.168.0.0 0.0.255.255 10.10.10.0 0.0.0.255

access-list 110 permit ip 192.168.0.0 0.0.255.255 any

route-map F0 permit 10

match ip address 100

set interface fastethernet 0/0

route-map F1 permit 11

match ip address 110

set interface fastethernet 0/1

interface fastethernet0/0

ip nat inside

ip policy route-map F0

interface fastethernet0/1

ip nat inside

ip policy route-map F1

interface dialer 1

ip nat outside

interface dialer 2

ip nat outside

___

Please rate helpful posts.

Thanks

At the moment I don?t think, two networks can see each other. You need to run a routing protocol to exchange routing information between two subnets. To start with you can go for RIP, which is the basic and easiest routing protocol.

Use the following commands to run RIP in your router.

config t

router rip

version 2

network 10.0.0.0

network 192.168.0.0

Hope this should fix your issues and let us know how you go.

Thanks

Rajesh

Rajesh,

You don't need a dynamic routing protocol on the router for this to work. The problem with the networks seeing each other is due to the policy map that forces all packets to the dialer interface.

The ACL I posted should correct this issue.

The 2 networks show as 'connected' on this router's routing table, which is the default gateway for both networks, thus no need for RIP.

hello, i tried both configuration, the RIP doesnt work..

the access-list has worked fine and both network can see each other,

thanks all for your help!

Edison,

Being directly connected subnets, initially I was thinking that both networks should able to ping each other. On the other hand, since PBR statement forces all the packets to the dialer interface and will not allow pinging each other, and then I thought of using a routing protocol which might be a better option.

Now I am confused, can you please explain why the use of RIP doesn?t work and how ACL over comes that???

Thanks

Rajesh

Hi rajesh,

As posted earlier by Edison, the packets when enter the interface enabled with PBR, takes preference over the routing decision.

So the packets are forced out of the dialer interface and does not reach the other vlan interface nad hence it never receives a reply for the packets you send.

The scenario would have been same even when you have a routing protocol.

The access-list actually denies the VLan from the interseting traffic defined for PBR and hence reaches the destination via normal routing (directly conncted in the above case).

HTH, rate if it does

Narayan

Thanks for your explanation Narayanan. To make myself clear and comfertable i am going to try in my test lab and let you know how it went.

Thanks

Rajesh