Cisco Support Community
PBR C4500 IOS-XE - Cannot route another subnet to next-hop

Hello,


I'm trying to implement PBR to transfer my Internet traffic (web/https) for a few of my subnets. I've successfully done it with 2 of my computers and now I want to do it for the whole subnet, but it doesn't seem to work.

 

Here's my config :

*********************************************************************************************************

route-map PBR permit 1
 match ip address 199
 set ip next-hop 10.76.112.254
!
route-map PBR permit 2
 match ip address 198
 set ip next-hop 10.76.112.254
!

access-list 199 deny   tcp host 10.77.112.77 10.0.0.0 0.255.255.255 eq www
access-list 199 deny   tcp host 10.77.112.77 208.127.30.0 0.0.0.255 eq 443
access-list 199 permit tcp host 10.77.112.77 any eq www
access-list 199 permit tcp host 10.77.112.77 any eq 443


access-list 198 deny   tcp 10.79.200.0 0.0.7.255 10.0.0.0 0.255.255.255 eq www
access-list 198 deny   tcp 10.79.200.0 0.0.7.255 205.237.80.0 0.0.0.255 eq 443
access-list 198 permit tcp 10.79.200.0 0.0.7.255 any eq www
access-list 199 permit tcp 10.79.200.0 0.0.7.255 any eq 443


interface Vlan211
 ip address 10.77.112.1 255.255.255.0
 no ip unreachables
 ip policy route-map PBR


interface Vlan599
 ip address 10.79.200.1 255.255.248.0
 no ip unreachables
 ip policy route-map PBR

***********************************************************************************************************

Traffic from the first access-list works but not from the second. Is there something that I'm doing wrong here?

Thanks,
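
An added example, not part of the original post: a small Python check that loads the ACL lines exactly as posted and reports which route-map sequence, ACL and next hop a given TCP flow matches. It assumes the usual IOS first-match behaviour (a deny ACE or no match means the clause is not matched and the next sequence is tried) and handles only the `tcp ... eq` form used above; `pbr_lookup` and the other names are hypothetical.

```python
import ipaddress

# ACL lines copied verbatim from the post above.
CONFIG = """\
access-list 199 deny   tcp host 10.77.112.77 10.0.0.0 0.255.255.255 eq www
access-list 199 deny   tcp host 10.77.112.77 208.127.30.0 0.0.0.255 eq 443
access-list 199 permit tcp host 10.77.112.77 any eq www
access-list 199 permit tcp host 10.77.112.77 any eq 443
access-list 198 deny   tcp 10.79.200.0 0.0.7.255 10.0.0.0 0.255.255.255 eq www
access-list 198 deny   tcp 10.79.200.0 0.0.7.255 205.237.80.0 0.0.0.255 eq 443
access-list 198 permit tcp 10.79.200.0 0.0.7.255 any eq www
access-list 199 permit tcp 10.79.200.0 0.0.7.255 any eq 443
"""
# route-map PBR from the post: (sequence, ACL number, next hop)
ROUTE_MAP = [(1, "199", "10.76.112.254"), (2, "198", "10.76.112.254")]
PORTS = {"www": 80}

def _addr(tok):
    """Consume one address spec: 'any', 'host A' or 'A WILDCARD'."""
    if tok[0] == "any":
        return (0, 0xFFFFFFFF), tok[1:]
    if tok[0] == "host":
        return (int(ipaddress.ip_address(tok[1])), 0), tok[2:]
    return (int(ipaddress.ip_address(tok[0])), int(ipaddress.ip_address(tok[1]))), tok[2:]

def parse_acls(text):
    acls = {}
    for line in text.splitlines():
        tok = line.split()
        if tok[:1] != ["access-list"]:
            continue
        src, rest = _addr(tok[4:])           # tok[3] is the protocol (tcp)
        dst, rest = _addr(rest)              # rest is now ['eq', port]
        port = int(PORTS.get(rest[1], rest[1]))
        acls.setdefault(tok[1], []).append((tok[2], src, dst, port))
    return acls

def _hit(spec, ip):
    base, wild = spec                        # wildcard bits are "don't care"
    return (int(ipaddress.ip_address(ip)) | wild) == (base | wild)

def pbr_lookup(acls, src, dst, dport):
    """Return (sequence, acl, next_hop) or None for normal routing."""
    for seq, acl, next_hop in ROUTE_MAP:
        for action, s, d, port in acls.get(acl, []):
            if _hit(s, src) and _hit(d, dst) and port == dport:
                if action == "permit":
                    return seq, acl, next_hop
                break  # deny ACE: clause not matched, try next sequence
    return None

ACLS = parse_acls(CONFIG)
```

With the lines as posted, port 443 from 10.79.200.0/21 is matched by ACL 199 in sequence 1 (the last permit line is numbered 199), so the 443 deny in ACL 198 is never reached for that subnet. On the switch itself, `show access-lists` and `show route-map PBR` display the ACL entries as stored and the route-map match counters.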
