Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
326
Views
2
Helpful
8
Replies

Question on policy routing

uralsib
Level 1
Level 1

‎12-22-2006 05:11 AM - edited ‎03-03-2019 03:09 PM

Hi, I'm have one qustion concerning policy routing (excuse me for my bad possible bad English). I need to reroute ip packet coming from, suppose Ethernet1 (ip address 172.16.200.1) with source address (SA) 172.16.100.2 and dest address (DA) 172.16.100.1. I need to reroute it to the outside interface that is physically Ethernet1 but logically - another interface (I use secondary IP address). Suppose this new destination IP address is 192.168.1.1, while the secondary ip address of Ethernet1 is 192.168.1.254.

The point is to translate this (172.16.100.1) address into another (suppose 10.25.100.1) and to encapsulate it into VPN-tunnel based upon 192.168.1.254 ->192.168.1.1 link.

The problem is that I defined ip policy on ethernet1 but the router (soho91, by the way) don't want even to check this packet on policy rules, it simply immediately forwards the packet back to the 172.16.100.0. And the question is^ how can I reroute ip packet from 172.16.100.2 coming from the subnet 172.16.100.0 and destined for 172.16.100.1 on, say, another interface?

Excuse me for the explanation I provided, I can supply configs if it can help.

Best regards, Amir Asfandyarov

Labels:
0 Helpful
8 Replies 8

kamal-learn
Level 4
Level 4

‎12-22-2006 05:15 AM

hi

did you applied the policy to the interface ??

0 Helpful

uralsib
Level 1
Level 1
In response to kamal-learn

‎12-22-2006 05:18 AM

Yes, I did.

access-list 103 permit ip host 172.16.100.2 host 172.16.100.1

route-map nat-loop permit 20

match ip address 103

set ip next-hop 192.168.1.1

0 Helpful

kamal-learn
Level 4
Level 4
In response to uralsib

‎12-22-2006 05:31 AM

hi

no what i mean you have to apply this on an interface (ip policy route-map nat-loop)

HTH

please do rate if it does clarify

uralsib
Level 1
Level 1
In response to kamal-learn

‎12-22-2006 05:41 AM

I have forgotten to paste this line into forum text-field.

I mean I had

"ip policy route-map nat-loop" in my config. It was not the case of the problem.

Thank you for help, anyway.

0 Helpful

kamal-learn
Level 4
Level 4
In response to uralsib

‎12-22-2006 06:52 AM

hi

can you post your config?

thanx

0 Helpful

uralsib
Level 1
Level 1
In response to kamal-learn

‎12-22-2006 07:01 AM

Yes, of course, but I'll do it on Monday - i have no remote access to my test environment (i.e SOHO).

0 Helpful

uralsib
Level 1
Level 1
In response to uralsib

‎12-24-2006 08:10 PM

I've added my config.

Preview file
2 KB
0 Helpful

rajivrajan1
Level 3
Level 3
In response to uralsib

‎12-25-2006 08:06 PM

q

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card