Hello team, I want to redirect SSH traffic to a server (a PAM server) for analysis and review before it goes to the real switches. For example, when I SSH to 10.10.88.1, the traffic goes to the PAM server and then goes to 10.10.88.1.
I wrote an ACL to filter SSH traffic, assigned it to a route-map, and set ip next-hop to this server (PAM) on the distribution and core switches. I also set ip policy on the interface connected to the core.
The distribution switches are 3750x and 3850-x, and the core is a 4500 series.
But this scenario doesn't work.
All the configs are correct and I have reviewed them many times, but I wonder whether route-map ip next-hop can point to a host beyond some routers, or whether it is only for pointing to the next-hop router.