I have banged my head against the wall for too long trying to figure out how to force traffic back out the same interface from whence it entered. Review the following topology. Any suggestions are welcome and appreciated.
You'd have to provide more information regarding your requirement:
- Why have you NATed the IP address of the router's or ASA's interface to be accessed from outside?
- If you have some server/PC behind the 1811 that you want to be accessible from the Internet, then this behaviour of the router should not affect the response.
But if you specifically want to access the router from the Internet, then yes, PBR would be configured, and instead of applying it on the interface, you would have to configure "ip default policy route-map" in config mode, because here we have to manipulate the traffic GENERATED by the router itself.
Moreover, there is one more catch: if you want to configure PBR on the router, you would have to know the IP address from where the ping/telnet/TCP session was initiated in the Internet. Otherwise, if we use "any" in the PBR ACL, then whenever the router generates a packet it will send it based on the PBR rule, which can break more things than it fixes.
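A sketch of the narrowly scoped policy discussed in the reply above, added as an illustration and not taken from the thread. It uses the IOS global command `ip local policy route-map`, which attaches a route-map to packets the router itself generates. Every address and object name is a placeholder from the documentation ranges, since the thread's topology is not reproduced here.

```cisco
! Added example. Placeholders (assumptions, not from the thread):
!   203.0.113.2    router's own address on the link the session arrived on
!   203.0.113.1    next hop on that same link
!   198.51.100.25  known Internet host that initiates the ping/telnet session

! Match only router-sourced replies to the one known remote host.
! An entry such as "permit ip any any" here would policy-route every
! packet the router originates, which is the breakage the reply warns about.
ip access-list extended LOCAL-REPLY-ISP2
 permit ip host 203.0.113.2 host 198.51.100.25
!
route-map LOCAL-PBR permit 10
 match ip address LOCAL-REPLY-ISP2
 set ip next-hop 203.0.113.1
!
! Applied in global configuration mode, not under an interface, because
! interface PBR only sees transit traffic entering that interface.
ip local policy route-map LOCAL-PBR
!
! Verification from exec mode:
!   show ip local policy
!   show route-map LOCAL-PBR
!   show access-lists LOCAL-REPLY-ISP2
```

Rising match counters on the ACL while the remote host pings the router show that replies are being steered to the intended next hop. Router-generated traffic to any other destination keeps following the normal routing table.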