1 Accepted Solution
Accepted Solutions
First, we need to configure interfaces.
ciscoasa(config)# interface GigabitEthernet0/0 ciscoasa(config-if)# no shutdown ciscoasa(config-if)# nameif inside ciscoasa(config-if)# ip address 10.1.1.1 255.255.255.0 ciscoasa(config)# interface GigabitEthernet0/1 ciscoasa(config-if)# no shutdown ciscoasa(config-if)# nameif outside-1 ciscoasa(config-if)# ip address 192.168.6.5 255.255.255.0 ciscoasa(config)# interface GigabitEthernet0/2 ciscoasa(config-if)# no shutdown ciscoasa(config-if)# nameif outside-2 ciscoasa(config-if)# ip address 172.16.7.6 255.255.255.0
Then, we need to configure an access-list for matching the traffic.
ciscoasa(config)# access-list acl-1 permit ip 10.1.0.0 255.255.0.0 ciscoasa(config)# access-list acl-2 permit ip 10.2.0.0 255.255.0.0
We need to configure a route-map by specifying the above access-list as match criteria along with the required set actions.
ciscoasa(config)# route-map equal-access permit 10 ciscoasa(config-route-map)# match ip address acl-1 ciscoasa(config-route-map)# set ip next-hop 192.168.6.6 ciscoasa(config)# route-map equal-access permit 20 ciscoasa(config-route-map)# match ip address acl-2 ciscoasa(config-route-map)# set ip next-hop 172.16.7.7 ciscoasa(config)# route-map equal-access permit 30 ciscoasa(config-route-map)# set ip interface Null0
Now, this route-map has to be attached to an interface.
ciscoasa(config)# interface GigabitEthernet0/0 ciscoasa(config-if)# policy-route route-map equal-access
To display the policy routing configuration.
ciscoasa(config)# show policy-route Interface Route map GigabitEthernet0/0 equal-access
First, we need to configure interfaces.
ciscoasa(config)# interface GigabitEthernet0/0 ciscoasa(config-if)# no shutdown ciscoasa(config-if)# nameif inside ciscoasa(config-if)# ip address 10.1.1.1 255.255.255.0 ciscoasa(config)# interface GigabitEthernet0/1 ciscoasa(config-if)# no shutdown ciscoasa(config-if)# nameif outside-1 ciscoasa(config-if)# ip address 192.168.6.5 255.255.255.0 ciscoasa(config)# interface GigabitEthernet0/2 ciscoasa(config-if)# no shutdown ciscoasa(config-if)# nameif outside-2 ciscoasa(config-if)# ip address 172.16.7.6 255.255.255.0
Then, we need to configure an access-list for matching the traffic.
ciscoasa(config)# access-list acl-1 permit ip 10.1.0.0 255.255.0.0 ciscoasa(config)# access-list acl-2 permit ip 10.2.0.0 255.255.0.0
We need to configure a route-map by specifying the above access-list as match criteria along with the required set actions.
ciscoasa(config)# route-map equal-access permit 10 ciscoasa(config-route-map)# match ip address acl-1 ciscoasa(config-route-map)# set ip next-hop 192.168.6.6 ciscoasa(config)# route-map equal-access permit 20 ciscoasa(config-route-map)# match ip address acl-2 ciscoasa(config-route-map)# set ip next-hop 172.16.7.7 ciscoasa(config)# route-map equal-access permit 30 ciscoasa(config-route-map)# set ip interface Null0
Now, this route-map has to be attached to an interface.
ciscoasa(config)# interface GigabitEthernet0/0 ciscoasa(config-if)# policy-route route-map equal-access
To display the policy routing configuration.
ciscoasa(config)# show policy-route Interface Route map GigabitEthernet0/0 equal-access
