02-26-2014 09:50 AM - edited 03-07-2019 06:25 PM
Hi All,
I was trying to route one of the vlan internet traffic to Head office ASA, this vlan is inside VRF Network. Head office is connected through ISP VPN cloud. still the traffic is going through local ASA. Please advise.
interface Vlan100
description *** XXXXX ***
ip vrf forwarding ABC-VRF
ip address 10.X.X.X 255.255.255.0
ip policy route-map VLAN101-TEST
end
ip route vrf ABC-VRF 0.0.0.0 0.0.0.0 10.X.X.X 250 name INTERNET
ACL 100
Access-list 100 permit 10.X.X.X 0.0.0.255 any
route-map VLAN100-TEST:
route-map VLAN100-TEST permit 100
Match IP Address 100
Set ip next-hope X.X.X.X (VPN Gateway IP)
02-26-2014 01:44 PM
What model of switch and what IOS version are you running ?
Jon
02-27-2014 12:12 AM
6509-E
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9-M), Version 12.2(33)SXI4a, RELEASE SOFTWARE (fc2)
02-26-2014 02:00 PM
Hello
Does you ios support route-map command?
set ip vrf ABC-VRF next-hop xxxx
res
Paul
Please don't forget to rate any posts that have been helpful.
Thanks.
02-27-2014 12:59 AM
Yes, it support this command.
I do not want to route entire vrf network to HO ASA, only one vlan internet traffic needs to route. Thanks.
02-27-2014 03:34 AM
I do not want to route entire vrf network to HO ASA, only one vlan internet traffic needs to route. Thanks.
You don't have to.
The acl used with the PBR configuration defines which traffic uses the PBR next hop. The command Paul provided is used by PBR but only traffic matching the acl will be sent to that next hop.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide