Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

Policy Route-Map forwarding


I have a new Barracuda Spam firewall to deploy. On the border router I configured all incoming SMTP traffic from the T1 circuit to forwarded to Barracuda appliance and from there it is relayed to Checkpoint Firewall which is NAT to our internal Exchange 2003 server.


1. From the router I can ping Barracuda.

2. On the router I see access-list 180 counter increasing.

3. On the Barracuda I can ping

4. On the Barracuda, I don't see any incoming SMTP traffic at all. I'm not sure what the problem is...?

Please read the my attached graph..

Router config:

S0/0 :

ip policy route-map SMTP_MAP

access-list 180 permit tcp any host eq smtp

route-map SMTP_MAP permit 80

match ip address 180

set ip next-hop

set interface FastEthernet0/0

Cisco Employee

Re: Policy Route-Map forwarding


What chassis is this and what Software Version are you running?

Is it possible for you to remove this statement "set interface FastEthernet0/0" from your route-map and do the testing again.

The reason I am asking to do the testing by removing the above command is, to verify whether the "set interface" is taking precedence over the "set ip next-hop". I hope it makes sense.



* Pls rate if it helps*

New Member

Re: Policy Route-Map forwarding

The Fa0/0 interface of your router has a /28 mask which does not include the IP address of the Barracuda ( If this is a flat network, your router will fail to forward the SMTP traffic to the Barracuda, whilst you still would see the match in the access list. It could be you have a simple connectivity issue due to an addressing problem. I would suggest to test with a /27 mask. The rest of your setup looks fine.

CreatePlease to create content