04-18-2019 02:47 PM - edited 04-18-2019 02:59 PM
I have two active WAN connections so I have a route-map for each connection. If I connect a PC to the LAN, everything works fine. But ping doesn't work with a source. If I do ping 8.8.8.8 source vlan 10, it doesn't work.
Here's my config:
interface FastEthernet0
switchport access vlan 2
!
interface FastEthernet1
switchport mode trunk
!
interface FastEthernet2
switchport access vlan 3
!
interface Vlan2
description WAN-1
ip address 192.168.10.2 255.255.255.252
!
interface Vlan3
description WAN-2
ip address 192.168.20.2 255.255.255.252
ip nat outside
!
interface Vlan10
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip policy route-map PBR-10
!
interface Vlan20
ip address 10.10.20.1 255.255.255.0
ip nat inside
ip policy route-map PBR-20
!
ip nat inside source list Vlan10 interface Vlan2 overload
ip nat inside source list Vlan20 interface Vlan3 overload
!
ip access-list extended Vlan10
permit ip 10.10.10.0 0.0.0.255 any
!
ip access-list extended Vlan20
permit ip 10.10.20.0 0.0.0.255 any
!
route-map PBR-10 permit 10
set ip default next-hop 192.168.10.1
!
route-map PBR-20 permit 10
set ip default next-hop 192.168.20.1
!
04-18-2019 06:47 PM
Policy based routing only affects traffic flowing through the router.
You have to enable "Local Policy Based Routing" for it to affect traffic originating from the router.
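The local policy routing named in this answer, as an added example that is not part of the original post. The ACL and route-map names (LOCAL-V10, LOCAL-V20, LOCAL-PBR) are hypothetical; the addresses and next hops are the ones in the posted config.

```cisco
! Added example; ACL and route-map names are hypothetical.
! Match packets the router itself sources from each SVI address.
! The deny lines keep traffic to the internal 10.10.x.x subnets on
! normal routing instead of pushing it out a WAN link.
ip access-list extended LOCAL-V10
 deny   ip host 10.10.10.1 10.10.0.0 0.0.255.255
 permit ip host 10.10.10.1 any
ip access-list extended LOCAL-V20
 deny   ip host 10.10.20.1 10.10.0.0 0.0.255.255
 permit ip host 10.10.20.1 any
!
! One route-map, one sequence per WAN, using the next hops
! from the posted PBR-10 and PBR-20 route-maps.
route-map LOCAL-PBR permit 10
 match ip address LOCAL-V10
 set ip next-hop 192.168.10.1
route-map LOCAL-PBR permit 20
 match ip address LOCAL-V20
 set ip next-hop 192.168.20.1
!
! Global command: applies the route-map to router-originated packets only.
! "ip policy route-map" on an interface covers transit traffic only.
ip local policy route-map LOCAL-PBR
!
! Verify from exec mode:
!   show ip local policy
!   ping 8.8.8.8 source vlan 10
```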
04-18-2019 02:57 PM
If I understand correctly, your PBR is not covering VLAN 10?
Do you have NAT? Can you post the full config?
04-18-2019 02:59 PM
04-18-2019 03:22 PM
Do you have a default route?
Can you post show ip route?
04-18-2019 03:33 PM
I had a default route for the WAN-1 but it was causing issues so I have removed it now.
C 10.10.10.0/24 is directly connected, Vlan10
L 10.10.10.1/32 is directly connected, Vlan10
C 10.10.20.0/24 is directly connected, Vlan20
L 10.10.20.1/32 is directly connected, Vlan20
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, Vlan2
L 192.168.10.1/32 is directly connected, Vlan2
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, Vlan3
L 192.168.20.1/32 is directly connected, Vlan3
04-19-2019 08:07 AM - edited 04-19-2019 08:09 AM
So you need to have a default route. But if that is breaking the connection,
show us the issue after adding the route, so we can have a look and suggest the best option.
04-19-2019 01:32 AM - edited 04-19-2019 12:21 PM
Hello
Vlan 2 isn't enabled for NAT; also, your PBR statement could be incorrect here.
ip default nexthop will only be used if no match is made in the route table, and also if only a default route is matched then it will be ignored anyway and routed normally.
I think you need to try and use ip default-next hop instead, which will try to policy route with no RIB check.
Try the following:
conf t
no ip nat inside source list Vlan10 interface Vlan2 overload
no ip nat inside source list Vlan20 interface Vlan3 overload
interface Vlan2
ip nat outside
route-map PBR-10 permit 10
match interface vlan 10
match ip address Vlan10
no set ip default next-hop 192.168.10.1
route-map PBR-20
match interface vlan 20
match ip address Vlan20
no set ip default next-hop 192.168.20.1
set ip next-hop 192.168.20.1
ip route 0.0.0.0 0.0.0.0 vlan 2 192.168.10.1
ip nat inside source route-map PBR-10 interface Vlan2 overload
ip nat inside source route-map PBR-20 interface Vlan3 overload