Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
966
Views
0
Helpful
5
Replies

Core Switch 3750 PBR

Sheraiz Ahmad
Level 1
Level 1

‎12-04-2012 09:17 PM - edited ‎03-07-2019 10:24 AM

Hi

I have a 2 ISP One Hooked to router A and the Other to B both are hooked to Core switch 3750. The Port on the switch where the Router is connected is No switch Port and I have given the IP address.

3750 - has the PBR templated

I would like to use PBR to redirect traffic to Router B

VLan 120 - 172.20.20.0

access-list 120 permit ip 172.20.20.0 0.0.0.255 any

route-map NewISP permit 10

match ip address 172.20.20.0

set ip next-hop <new asa ip>

But this does not work....I can ping to the switch Port, cannot be to the Router B.

Could you please advise..

Thankyou

Labels:
0 Helpful
5 Replies 5

Raju Sekharan
Cisco Employee
Cisco Employee

‎12-04-2012 09:50 PM

Hi Sheraiz,

When you say you can't pinf router B, are you mentioing that you are not able to ping to next-hop IP?

For PBR to work, the next-hop ip should be reachble from the switch and it should be directly connected

Raju

0 Helpful

Sheraiz Ahmad
Level 1
Level 1
In response to Raju Sekharan

‎12-04-2012 10:53 PM

Hi Raju

Yes, the Ip for my Router is 192.168.200.X - 255.255.255.0

The Port its connected on the switch is No switch Port with Ip of 192.168.200.B - 255.255.255.0

I am connected on the Lan and I can ping the Ip of the switch Port, but I cannot ping the IP of the Router..

Could you please advise..

vlan 120 = 10.120.0.0/24

vlan 140 = 10.140.0.0/24

access-list 120 permit ip 10.120.0.0 0.0.0.255 any

access-list 140 permit ip 10.140.0.0 0.0.0.255 any

Create a policy that matches on these acls:

route-map NewISP permit 10

match ip address 120

set ip next-hop

route-map NewISP permit 20

match ip address 140

set ip next-hop

Then apply to your vlan interfaces:

int vlan 120

ip policy route-map NewISP

int vlan 140

ip policy route-map NewISP

0 Helpful

Raju Sekharan
Cisco Employee
Cisco Employee
In response to Sheraiz Ahmad

‎12-04-2012 11:15 PM

We need to troubeslhoot the routing first

Can you try pinging the router from switch and check if you haev ARP entries present at both sides

If ARP is presnt is present at both sides, then we can debug ip icmp on the router and ping from switch and see if the ping is reaching the router

Thank you

Raju

0 Helpful

Sheraiz Ahmad
Level 1
Level 1
In response to Raju Sekharan

‎12-05-2012 12:38 AM

Hi

I am woundering as my 3750 has a default route that points to the other Router.

Should I create another static route to point to the new Router or Router B

0 Helpful

Raju Sekharan
Cisco Employee
Cisco Employee
In response to Sheraiz Ahmad

‎12-05-2012 12:55 AM

For directly connected Subnet, you don't need to add any route

Thanks

Raju

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card