
Policy Based Routing - Next Hop destination Matched



I'm trying to come up with a solution where traffic that is not being sent to the proxy and is going to port 80 and 443 is sent to my next hop, which in this case is my default route.

Example: I have a default route to go to my WAN firewall. However, we do have a GPO that forces the user to send all HTTP/HTTPS traffic to the proxy, but of course there are those tech-savvy users who use Firefox to bypass the proxy.

We want any traffic from the SVI destined to on 80 443 to be sent to the default gateway.

But what I want in my route map is that if the default gateway the traffic is destined to is, let's say, down, then that matched traffic is sent to another gateway.

Is that possible to do in an IP match / set next-hop route map?

VIP Advisor

Re: Policy Based Routing - Next Hop destination Matched

Try something like this:

ip access-list extended HTTP_ONLY
 permit tcp any eq 80
 permit tcp any eq 443

route-map HTTP_NEXTHOP permit 10
 match ip address HTTP_ONLY
 set ip next-hop x.x.x.x

interface gi0/1
 ip policy route-map HTTP_NEXTHOP

Please remember to rate useful posts, by clicking on the stars below.

Re: Policy Based Routing - Next Hop destination Matched

Thank you for the info. I did know what my configuration was. Wondering if I could set two next hops, one with 100 over the other one?

Also, I missed mentioning: if I add ANY as the destination, that would include internal traffic as well. We don't want to do that.
I'm assuming your suggested ACL would be more like:
permit tcp eq 80, right?
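
As an added example (not posted by anyone in this thread), one way to cover both follow-up questions, an ACL that skips internal destinations and two next hops in priority order, on IOS platforms that support `set ip next-hop verify-availability` with object tracking and deny entries in a PBR ACL. The gateway addresses, the RFC 1918 internal ranges, the SLA/track numbers and Vlan10 are assumptions, not values from the thread.

```cisco
! Constructed example: all addresses, SLA/track numbers and the SVI are placeholders.
! Probe each gateway so the route-map can tell whether it is reachable.
ip sla 1
 icmp-echo 192.0.2.1
 frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 198.51.100.1
 frequency 5
ip sla schedule 2 life forever start-time now
!
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
!
! Deny entries are NOT policy-routed (they follow the normal routing table),
! so internal destinations, including the proxy, are excluded first.
ip access-list extended HTTP_ONLY
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 172.16.0.0 0.15.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 permit tcp any any eq 80
 permit tcp any any eq 443
!
route-map HTTP_NEXTHOP permit 10
 match ip address HTTP_ONLY
 ! Lowest sequence number whose track object is up wins: 10 primary, 20 backup.
 set ip next-hop verify-availability 192.0.2.1 10 track 1
 set ip next-hop verify-availability 198.51.100.1 20 track 2
!
interface Vlan10
 ip policy route-map HTTP_NEXTHOP
```

If neither tracked next hop is up, matched traffic falls back to the normal routing table.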