Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy Based Routing

I want to route a specific host ( on the inside network out the DMVPN (Interface Tunnel0) instead of using the BGP network. I have created the following commands on the router:

route-map WSUS permit 9

match ip address 150

set interface Tunnel0

access-list 150 permit ip host - (I want to specify certain networks for this policy , this is the first)

interface FastEthernet0/0

ip policy route-map WSUS

With this config in place the host is still using the BGP network - What am I missing ?



Hall of Fame Super Bronze

Re: Policy Based Routing


Did you apply a similar route-map at the remote end? If not, the return traffic will use the routing table.

How do you know the host is not traversing the tunnel for destination

Did you enable some kind of debugging?



New Member

Re: Policy Based Routing


Thanks for the response. At this point I set a static route at the other end for that host -

ip route Tunnel0

I haven't run any debugs yet - I added another statement for icmp in access-list 150. The trace routes show the host using the BGP route and using network monitoring software and the interface counters it is definitely using the BGP route to the 10.10 network. Oddly the access list is showing matches against it

Hall of Fame Super Bronze

Re: Policy Based Routing

Any other traffic traversing the tunnel?

Can you change the set interface with set ip address of the tunnel interface?

What type of device are you using?

'debug ip policy' will certainly help during a maintenance window.

New Member

Re: Policy Based Routing

The tunnel are set up for backup to the BGP network running EIGRP

When I change it to the IP of the tunnel interface nothing routes to 10.10. If i use the 10.10 tunnel interface as the next hp the trace route uses the tunnel but a file transfer doesn't.

New Member

Re: Policy Based Routing

3745 and a 2811

Hall of Fame Super Bronze

Re: Policy Based Routing

The IP must be from the remote tunnel, not the local tunnel.

CreatePlease to create content