Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

471
Views
25
Helpful
7
Replies
Frank Sinatra
Frank Sinatra Beginner
Beginner
‎04-18-2019 02:47 PM
‎04-18-2019 02:47 PM

ping source not working when using route-map

I have two active WAN connetions so I have a route-map for each connection. If I connect a PC to the LAN, everything works fine. But ping doesn't work with a source. If I do ping 8.8.8.8 source vlan 10, it doesn't work.

 

Here's my config:

interface FastEthernet0
 switchport access vlan 2
!
interface FastEthernet1
 switchport mode trunk
!
interface FastEthernet2
 switchport access vlan 3
!
interface Vlan2
 description WAN-1
 ip address 192.168.10.2 255.255.255.252
!
interface Vlan3
 description WAN-2
 ip address 192.168.20.2 255.255.255.252
 ip nat outside
!
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip policy route-map PBR-10
!
interface Vlan20
 ip address 10.10.20.1 255.255.255.0
 ip nat inside
 ip policy route-map PBR-20
!
ip nat inside source list Vlan10 interface Vlan2 overload
ip nat inside source list Vlan20 interface Vlan3 overload
!
ip access-list extended Vlan10
 permit ip 10.10.10.0 0.0.0.255 any
!
ip access-list extended Vlan20
 permit ip 10.10.20.0 0.0.0.255 any
!
route-map PBR-10 permit 10
 set ip default next-hop 192.168.10.1
!
route-map PBR-20 permit 10
 set ip default next-hop 192.168.20.1
!

 

Labels:
0 Helpful
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Philip D'Ath
VIP Advisor Philip D'Ath VIP Advisor
VIP Advisor
‎04-18-2019 06:47 PM
‎04-18-2019 06:47 PM

Re: ping source not working when using route-map

Policy based routing only affects traffic flowing through the router.

 

You have to enable "Local Policy Based Routing" for it to affect traffic originating from the router.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/

View solution in original post

Reply
7 REPLIES 7
balaji.bandi
VIP Advisor balaji.bandi VIP Advisor
VIP Advisor
‎04-18-2019 02:57 PM
‎04-18-2019 02:57 PM

Re: ping source not working when using route-map

If i undertstand correctly your PBR is not covered VLAN 10 ?

 

Do you haver NAT ? can you post full config ?

BB
*** Rate All Helpful Responses ***
Reply
Highlighted
Frank Sinatra
Frank Sinatra Beginner
Beginner
‎04-18-2019 02:59 PM
‎04-18-2019 02:59 PM

Re: ping source not working when using route-map

Sorry! I have updated my original post with NAT config.
0 Helpful
Reply
balaji.bandi
VIP Advisor balaji.bandi VIP Advisor
VIP Advisor
‎04-18-2019 03:22 PM
‎04-18-2019 03:22 PM

Re: ping source not working when using route-map

Do you have Default route ?

 

show you post show ip route ?

BB
*** Rate All Helpful Responses ***
Reply
Frank Sinatra
Frank Sinatra Beginner
Beginner
‎04-18-2019 03:33 PM
‎04-18-2019 03:33 PM

Re: ping source not working when using route-map

I had a default route for the WAN-1 but it was causing issues so I have removed it now.

 

C        10.10.10.0/24 is directly connected, Vlan10
L        10.10.10.1/32 is directly connected, Vlan10
C        10.10.20.0/24 is directly connected, Vlan20
L        10.10.20.1/32 is directly connected, Vlan20
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/24 is directly connected, Vlan2
L        192.168.10.1/32 is directly connected, Vlan2
      192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.20.0/24 is directly connected, Vlan3
L        192.168.20.1/32 is directly connected, Vlan3
0 Helpful
Reply
balaji.bandi
VIP Advisor balaji.bandi VIP Advisor
VIP Advisor
‎04-19-2019 08:07 AM
‎04-19-2019 08:07 AM

Re: ping source not working when using route-map

So you need to have Default route, But if that is breaking the connection

show us the issue after adding route. so we can have look and suggest best option.

BB
*** Rate All Helpful Responses ***
Reply
Philip D'Ath
VIP Advisor Philip D'Ath VIP Advisor
VIP Advisor
‎04-18-2019 06:47 PM
‎04-18-2019 06:47 PM

Re: ping source not working when using route-map

Policy based routing only affects traffic flowing through the router.

 

You have to enable "Local Policy Based Routing" for it to affect traffic originating from the router.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/

View solution in original post

Reply
paul driver
VIP Advisor paul driver VIP Advisor
VIP Advisor
‎04-19-2019 01:32 AM
‎04-19-2019 01:32 AM

Re: ping source not working when using route-map

Hello

Vlan 2 isnt enabled for nat also your PBR statement could be incorrect here.
ip default nexthop will only be use if no match is made in the route tablble, and also if only a default route is match then it will be ignored anyway and routed normally.

 

I think you need to try and use ip default-next hop instead which will try to policy route with no rib check.


Try the following:
conf t
no ip nat inside source list Vlan10 interface Vlan2 overload
no ip nat inside source list Vlan20 interface Vlan3 overload

interface Vlan2
ip nat outside

route-map PBR-10 permit 10
match interface vlan 10
match ip address vlan 10
no set ip default next-hop 192.168.10.1


route-map PBR-20
match interface vlan 20
match ip address vlan 20
no set ip default next-hop 192.168.20.1
set ip next-hop 192.168.20.1

ip route 0.0.0.0 0.0.0.0 vlan 2 192.168.10.1
ip nat inside source route-map PBR-10 interface Vlan2 overload
ip nat inside source route-map PBR-20 interface Vlan3 overload



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Reply
Latest Contents
CDP/LLDP neighbors via SNMP - command line tools
Created by Oleg Volkov on 12-12-2019 09:07 AM
0
0
0
0
Hi!Need to find network devices but not want to open SSH and do show cdp nei, show lldp nei and then need to sh cdp nei gig0/1 det and more.... ?Now You can do from PowerShell.\cdplldp.exe -v v3 -u <SNMPv3 user> -a SHA -w <SNMPv3 authkey> -pp ... view more
Community Live slides - Getting to know Cisco SD-WAN
Created by ciscomoderator on 12-10-2019 06:56 PM
0
0
0
0
Community Live slides- Getting to know Cisco SD-WAN (Live event - formerly known as Webcast-  Wednesday December 11, 2019 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris) This event had place on Wednesday 11th, December 2019 at 10hrs PDT  This sessi... view more
Ask Me Anything event - Getting to know Cisco SD-WAN
Created by ciscomoderator on 12-10-2019 06:48 PM
0
0
0
0
To   participate   in this event, please use the   button   to ask your questions This topic is a chance to clarify your questions about the Cisco Software-Defined WAN (SD-WAN) solution, its historical roo... view more
Ask Me Anything event - Configuration, Verification, and Tro...
Created by ciscomoderator on 12-09-2019 03:03 PM
0
0
0
0
To   participate   in this event, please use the   button   to ask your questions This topic is a chance to clarify your questions about the configuration, verification, troubleshooting and gener... view more
Recent changes in SRIOV VF mapping in NFVIS GUI
Created by gosekar on 12-05-2019 06:59 PM
0
0
0
0
Starting from NFVIS 3.12 versions, the deploy option does not depict all the SR-IOV VFs(Virtual Functions) available in a physical interface. This change is introduced as (i) the number of VFs of ENCS platform on LANs side is increased to 24 and (ii) the... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
FusionCharts will render here