Configured PBR on 3560 but not working, IOS is advipservices and sdm prefer dual-ipv4-and-ipv6 is configured on the switch. The moment I apply the ip policy command on the SVI, i am losing connectivity to the SVI on which is apply the policy, I can't even ping it, once I remove the policy, connectivity is restored. Please help.
The switch is connected to two firewalls the default gateway is pointing to FW1(172.16.1.2) and on the PBR policy web traffic should got to FW2(172.16.2.2), but when I apply the policy it is not working, can't even ping SVI of Vlan20. As of now the policy is only applied to VLAN20.
Well, if you don't add empty route-map statement, other traffic will be dropped. Remember, route-map follows the same logic as access-list: implicit deny any.
If your policy still doesn't have the empty route-map statement, then the reason why you can't ping the SVI is because the traffic is dropped by your route-map. Edit: If you've added the statement, does the switch know how to get to the ping source? Do traceroute to see the path it's attempting to take.
Try adding the endpoints for your ping command into the access-list for your PBR and test again. Be mindful of the path that echo-reply packets may traverse. Depending on how your topology looks and how you configure the routing, you might encounter asymmetrical path.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...