10-09-2017 04:04 AM - edited 03-08-2019 12:18 PM
Hi,
I have a 2901 router with a few IPsecs. I have two servers (172.31.1.1 and 172.31.2.1). All customers use these server IPs. One customer cannot, however, so if from 172.15.0.1 or 172.15.0.2, and destination 192.168.1.1 or destination 192.168.1.2, then redirect to 172.31.1.1 or172.31.2.1. All other traffic to remain unaltered.
10-09-2017 04:37 AM
Hello,
some sort of policy routing could accomplish this, maybe...
You have to match source and destination in an access list, and then set the next. It would look like this:
access-list 101 permit ip host 172.15.0.1 host 192.168.1.1
access-list 102 permit ip host 172.15.0.2 host 192.168.1.2
route-map REDIRECT permit 10
match ip address 101
set ip next-hop 172.31.1.1
route-map REDIRECT permit 20
match ip address 102
set ip next-hop 172.31.2.1
10-09-2017 05:07 AM
Hi,
I should reword this:
if from 172.15.0.1 or 172.15.0.2, and destination 192.168.1.1 or destination 192.168.1.2, then NAT 192.168.1.1 or 192.168.1.2 to 172.31.1.1 or172.31.2.1, and NAT outbound in the reverse.
so:
inbound from 172.15 NAT the 192.168 address to 172.31
outbound to 172.15 NAT the 172.31 address to 192.168
Do not NAT 172.31 traffic for other destinations.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide