
Policy Based Routing - Next Hop destination Matched

Hi,

I'm trying to come up with a solution where, if traffic is not being sent to the proxy and is going to ports 80 and 443, the traffic is sent to my next-hop, which in this case is my default route.

Example: I have a default route to go to my WAN firewall. However, we do have a GPO that forces the user to send all http https traffic to the proxy, but of course there are those tech-savvy users who use Firefox to bypass the proxy.

We want any traffic from the SVI destined to 0.0.0.0 on 80 443 to be sent to the default gateway.

But what I want in my route map is that if the default gateway that traffic is destined to, let's say 192.168.12.8, is down, then that matched traffic is sent to another gateway, 192.168.200.8.

Is that possible to do in an IP match set next-hop route map?

VIP Advisor

Re: Policy Based Routing - Next Hop destination Matched

try something like this:

ip access-list extended HTTP_ONLY
 permit tcp 10.10.10.0 0.0.7.255 any eq 80
 permit tcp 10.10.10.0 0.0.7.255 any eq 443
!
route-map HTTP_NEXTHOP permit 10
 match ip address HTTP_ONLY
 set ip next-hop x.x.x.x
!
interface gi0/1
 ip policy route-map HTTP_NEXTHOP

Please remember to rate useful posts, by clicking on the stars below.

Re: Policy Based Routing - Next Hop destination Matched

Thank you for the info - I did know what my configuration was - wondering if I could set two next hops, one with 100 over the other one?

Also, I forgot to mention -- if I add ANY as the destination, that would include internal traffic as well. We don't want to do that.
I'm assuming your suggested ACL would be more like:
permit tcp 10.10.10.0 0.0.7.255 0.0.0.0 eq 80, right?
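
One way to combine the two points raised in this thread, added here as an example and not posted by either participant: tracked next hops give the primary/backup behaviour, and deny entries keep internal destinations out of the policy. It assumes the internal networks are the RFC 1918 ranges, that both gateways answer ICMP, and that the platform supports `set ip next-hop verify-availability` with object tracking; the SLA and track numbers are arbitrary.

```cisco
! Probe each gateway so the route-map can tell when it is down
ip sla 1
 icmp-echo 192.168.12.8
 frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 192.168.200.8
 frequency 5
ip sla schedule 2 life forever start-time now
!
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
!
! In a PBR ACL, "deny" means "do not policy-route" (normal routing applies).
! Internal destinations (assumed RFC 1918) are excluded before the permits.
ip access-list extended HTTP_ONLY
 deny   ip 10.10.10.0 0.0.7.255 10.0.0.0 0.255.255.255
 deny   ip 10.10.10.0 0.0.7.255 172.16.0.0 0.15.255.255
 deny   ip 10.10.10.0 0.0.7.255 192.168.0.0 0.0.255.255
 permit tcp 10.10.10.0 0.0.7.255 any eq 80
 permit tcp 10.10.10.0 0.0.7.255 any eq 443
!
! Lower sequence number is preferred; the next entry is used only when
! the tracked object of the preferred one is down.
route-map HTTP_NEXTHOP permit 10
 match ip address HTTP_ONLY
 set ip next-hop verify-availability 192.168.12.8 10 track 1
 set ip next-hop verify-availability 192.168.200.8 20 track 2
!
interface gi0/1
 ip policy route-map HTTP_NEXTHOP
```

If both tracked objects are down, matched packets fall back to the normal routing table. `show route-map HTTP_NEXTHOP` and `show track brief` show which next hop is currently in use.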