I am trying to do policy based routing with route-map, it is working fine on the way of the packet except at the end when the vasi interface pair comes into.
The packet lands on vasileft interface which is in a vrf and the packet should go to a subinterface which is in the same vrf. This works just fine when normal routing is in place, but if I would like to route with route-map it is not working. The packet turns back to vasiright.
Could you please advise why?
I have the following configuration
vrf forwarding ***
ip address X.X.X.5 255.255.255.252
ip policy route-map DMVPN-INTERNET3
vrf forwarding ***INSIDE
ip address X.X.X.6 255.255.255.252
route-map DMVPN-INTERNET3 permit 10
match ip address ROUTE-INTERNET
set ip vrf **** next-hop X.X.20.249
ip access-list extended ROUTE-INTERNET
deny ip X.X.21.0 0.0.0.255 10.0.0.0 0.255.255.255
deny ip X.X.21.0 0.0.0.255 192.0.0.0 0.255.255.255
deny ip X.X.21.0 0.0.0.255 184.108.40.206 0.255.255.255
permit ip X.X.21.0 0.0.0.255 any
Basicly what I would like to achieve is that all the traffic has to go to X.X.20.249.
Is there a limitation for policy based routing on vasi interface?
PRTG system in place running other sensors on the same host, which are working. Ive added syslog receiver sensor and receiving PRTG data from switch that increases drops, errors and warning stats that disappear after a few minutes. Within mess...
Hi, here is an example how to configure IP-NAT, GRE, IPSEC. I've seen plenty of questions and this might be a good solution! (Mostly the use of commands that might remind u) IP NAT======================================================================...
Hi everyone.I have a problem in my Network.So i have 3 routers and a firewall in my topology. I have configured OSPF and all routers works expect R3 (see in the image below)When I watch my neignbor in R3 it says :192.168.7.7 1 INIT/DROTHER 00:00:37 10.0.2...
Host Onboarding is the term used when connecting an endpoint (hosts , IOT , Other devices) to the fabric , and can be accomplished in a couple of ways.One option is the "static" approach as oppose to the dynamic and secure approach using&nbs...