cisco 4503

mohammed.dhastageer · ‎01-12-2015

Hi,

first I explain my scenario . our core switch is(4503). we have two firewall(ASA 5510) and with two different isp connection .

firewall-1 = A

firewall-2 = B

in core switch default route is to firewall -1 =A. some of the traffic like specific destination external ip only we forwarded to firewall-2=B. now I want to know how to forward one specific host(internal) traffic forward to any destination via firewall-2=B. I think I can do via route map. could you please suggest me with sample .

jon200689 · ‎01-12-2015

Try this, it will depend on whether or not you are running the correct IOS and if you have enterprise services enabled.

enable

configure terminal

ip access-list standard 99

permit host (insert ip of specific host)

exit

Route-Map Test

match ip address 99

set ip next-hop (insert ip of next hop firewall)

exit

ip local policy route-map Test

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/pbroute.html

One thing to note on this configuration is that egress traffic for this device will leave out of the respective firewall, but ingress will come in with all the rest of the traffic.

mohammed.dhastageer · ‎01-12-2015

Hi ,

thanks for your Reply. im not able to use this command (red color font ). ip local policy or ip policy.

Note : my ios is cat4500-ipbasek9-mz.122-53.SG2.bin. I need to upgrade firmware. if it is which one.

jon200689 · ‎01-13-2015

it looks like that image only has IP Base which does not support Policy Based Routing. In order to enable that feature you will need Enterprise Services.

"The IP Base image does not support enhanced routing features such as NSF/SSO, BGP, EIGRP, EIGRPv6, OSPF, OSPFv3, IS-IS, Internetwork Packet Exchange (IPX), AppleTalk, VRF-lite, and Policy-Based Routing (PBR). "

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_5184.html#pgfId-1485166