08-24-2021 03:50 AM
Hi, I'm trying to set up PBR (Route Maps) on FTD managed by FDM but I'm finding it impossible, on ASA it would look something like this
access-list ROUTEMAP-ACL1 extended permit tcp object CloudKey1 any
route-map ROUTEMAP1 permit 10 match ip address ROUTEMAP-ACL1 set ip next-hop <IP-ADDRESS-OF-ISP2-GATEWAY>
I've added the accesslist and the first line of the route-map command via SmartCLI but I'm stuck on how to create the subsequent commands
If I try to use FlexConfig it says that route-map command is blacklisted CLI
Any ideas?
08-24-2021 11:15 AM
Please make sure you are running version 6.6 or higher in the FDM and the syntax is the same as ASA.
08-25-2021 01:53 AM - edited 08-25-2021 01:54 AM
I am in fact running version 6.6.4, I managed to partially get it to work using a workaround to configure bgp-set-clause to set the next hop as there is a bug which does not let you configure set clause when creating the Route Map in SmartCLI (I have attached a screenshot on how I've set it up.
After that I created a FlexConfig object to attach the above route map to the interface as per below
With the above I can confirm that it works however I have an issue that I have no failover for PBR, on an ASA I would have used the following commands:
set ip next hop verify-availability 192.168.22.254 track 1
set ip next hop verify-availability 192.168.21.254 track 2
which would have enabled failover for PBR using a SLA monitor.
I was so excited to move from ASA to FTD but it seems that the product has so much less features.
09-08-2022 09:09 AM
Hi,
Can you share the steps how you applied this route-map to the interface?
Thanks
10-25-2022 07:00 AM
Hi there, I got same issue in terms of applying route-map to the interface, have you found solution?
09-10-2022 01:31 PM
Without knowing the steps you are taking to create the route-map, we can only provide information on how a route-map is created using FDM. Check the following link
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: