04-16-2017 11:16 PM - edited 03-12-2019 02:13 AM
hi, i facing a PBR issue on ASA,
as i know , the normal PBR format is:
access-list to_ADSL extended permit ip 192.168.1.0 255.255.255.0 any
route-map my_map permit 100
match ip address to_ADSL
set ip next-hop 100.0.0.1
then apply it on the interface.
but now, my ip is dynamic...
so there is no way to know what is the next hop IP.
so i tried this :
access-list to_ADSL extended permit ip 192.168.1.0 255.255.255.0 any
route-map my_map permit 100
match ip address to_ADSL
set interface ADSL_if
then apply it on the interface. BUT, not work, how to set a PBR as the ip is dynamic...
thx
04-17-2017 12:54 AM
my adsl interface IP is assign by pppoe and it's dynamic
04-17-2017 07:56 AM
Hi,
Along with the packet tracer, if possible, please run the below debug
debug policy-route
this will give us an idea if the policy is working as expected or not.
Regards
Akhil
04-17-2017 12:57 AM
Configuration looks ok .
Can you run packet tracer from ASA ? replace LAN with your configured name. I hope you have taken care of NAT configuration.
packet-tracer input LAN tcp 192.168.1.1 443 8.8.8.8 443
Ajay
04-17-2017 02:09 AM
i will try packet tracer after office hours, my nat config is ok, because if i dont define a default route, the ASA will get a default route from pppoe, and the traffice can go out normally. so the nat is ok
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide