Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

PBR configuration

Hi Dears,

that is my subnetting at my cisco router.  i want 172.100.3.0, 172.100.6.0,172.100.10.0 subnetting forward to ISA server(192.168.1.10). this subneting go to internet througth ISA server. is it possible i do that PBR? if yes please help me how can i do it?

thanks.

interface GigabitEthernet0/1.3

encapsulation dot1Q 3

ip address 172.100.3.254 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/1.4

encapsulation dot1Q 4

ip address 172.100.4.254 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/1.5

encapsulation dot1Q 5

ip address 172.100.5.254 255.255.255.0

!

interface GigabitEthernet0/1.6

encapsulation dot1Q 6

ip address 172.100.6.254 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/1.10

encapsulation dot1Q 10

ip address 172.100.10.254 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/1.100

encapsulation dot1Q 100

ip address 172.100.1.254 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/1.777

encapsulation dot1Q 777

ip address 192.168.1.254 255.255.255.0           ISA server

ip nat inside

ip virtual-reassembly

Everyone's tags (2)
4 REPLIES
Community Member

PBR configuration

please consider that all my subnetting are the same router.

Purple

PBR configuration

Hi,

Try this:

ip access-list extended PBR

deny ip 172.100.0.0 0.0.255.255  172.100.0.0 0.0.255.255

permit ip 172.100.0.0 0.0.255.255 any

route-map PBR

match ip address PBR

set ip next-hop 192.168.1.254

interface g0/1.3

ip policy route-map PBR

interface g0/1.6

ip policy route-map PBR

interface g0/1.10

ip policy route-map PBR

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Community Member

PBR configuration

thanks to reply me.

i have one question.

ip access-list extended PBR

deny ip 172.100.0.0 0.0.255.255  172.100.0.0 0.0.255.255

permit ip 172.100.0.0 0.0.255.255 any

why we write

deny ip 172.100.0.0 0.0.255.255  172.100.0.0 0.0.255.255  command?

please consider that that subnet's must connect each other.

Purple

PBR configuration

Hi,

I did this to get sure the subnets when they talk to each other are not redirected to ISA server but only when thy go elsewhere that is to the Internet for example.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
364
Views
0
Helpful
4
Replies
CreatePlease to create content