Solved: Re: ping source not working when using route-map

Frank Sinatra · ‎04-18-2019

I have two active WAN connetions so I have a route-map for each connection. If I connect a PC to the LAN, everything works fine. But ping doesn't work with a source. If I do ping 8.8.8.8 source vlan 10, it doesn't work.

Here's my config:

interface FastEthernet0
 switchport access vlan 2
!
interface FastEthernet1
 switchport mode trunk
!
interface FastEthernet2
 switchport access vlan 3
!
interface Vlan2
 description WAN-1
 ip address 192.168.10.2 255.255.255.252
!
interface Vlan3
 description WAN-2
 ip address 192.168.20.2 255.255.255.252
 ip nat outside
!
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip policy route-map PBR-10
!
interface Vlan20
 ip address 10.10.20.1 255.255.255.0
 ip nat inside
 ip policy route-map PBR-20
!
ip nat inside source list Vlan10 interface Vlan2 overload
ip nat inside source list Vlan20 interface Vlan3 overload
!
ip access-list extended Vlan10
 permit ip 10.10.10.0 0.0.0.255 any
!
ip access-list extended Vlan20
 permit ip 10.10.20.0 0.0.0.255 any
!
route-map PBR-10 permit 10
 set ip default next-hop 192.168.10.1
!
route-map PBR-20 permit 10
 set ip default next-hop 192.168.20.1
!

Philip D'Ath · ‎04-18-2019

Policy based routing only affects traffic flowing through the router.

You have to enable "Local Policy Based Routing" for it to affect traffic originating from the router.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/

View solution in original post

balaji.bandi · ‎04-18-2019

If i undertstand correctly your PBR is not covered VLAN 10 ?

Do you haver NAT ? can you post full config ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Frank Sinatra · ‎04-18-2019

Sorry! I have updated my original post with NAT config.

balaji.bandi · ‎04-18-2019

Do you have Default route ?

show you post show ip route ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Frank Sinatra · ‎04-18-2019

I had a default route for the WAN-1 but it was causing issues so I have removed it now.

C        10.10.10.0/24 is directly connected, Vlan10
L        10.10.10.1/32 is directly connected, Vlan10
C        10.10.20.0/24 is directly connected, Vlan20
L        10.10.20.1/32 is directly connected, Vlan20
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/24 is directly connected, Vlan2
L        192.168.10.1/32 is directly connected, Vlan2
      192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.20.0/24 is directly connected, Vlan3
L        192.168.20.1/32 is directly connected, Vlan3

balaji.bandi · ‎04-19-2019

So you need to have Default route, But if that is breaking the connection

show us the issue after adding route. so we can have look and suggest best option.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Philip D'Ath · ‎04-18-2019

Policy based routing only affects traffic flowing through the router.

You have to enable "Local Policy Based Routing" for it to affect traffic originating from the router.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/

paul driver · ‎04-19-2019

Hello

Vlan 2 isnt enabled for nat also your PBR statement could be incorrect here.
ip default nexthop will only be use if no match is made in the route tablble, and also if only a default route is match then it will be ignored anyway and routed normally.

I think you need to try and use ip default-next hop instead which will try to policy route with no rib check.

Try the following:
conf t
no ip nat inside source list Vlan10 interface Vlan2 overload
no ip nat inside source list Vlan20 interface Vlan3 overload

interface Vlan2
ip nat outside

route-map PBR-10 permit 10
match interface vlan 10
match ip address vlan 10
no set ip default next-hop 192.168.10.1

route-map PBR-20
match interface vlan 20
match ip address vlan 20
no set ip default next-hop 192.168.20.1
set ip next-hop 192.168.20.1

ip route 0.0.0.0 0.0.0.0 vlan 2 192.168.10.1
ip nat inside source route-map PBR-10 interface Vlan2 overload
ip nat inside source route-map PBR-20 interface Vlan3 overload

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul