I have been trying to configure PBR and NAT on a 2611XM edge router (IOS 12.2(46a)) in order to make use of a newly acquired second internet feed. The intent is that this feed will service all of our "outgoing" http/https traffic, freeing up valuable bandwidth on our original main Internet feed for public access to our web services (http/https/Citrix/Webmail/VPN/etc.)

To accomplish this, I have tried to configure PBR to policy-route the outbound http/https traffic to ISP#2. Things seem to work for some clients and some sites but not for everything as I expected. ACL rules are being hit and appropriate nat translations appear in "show ip nat trans", but some sites simply timeout from some clients, but not from others.

I have attached an annotated config and a net diagram to help describe my situation. Real IP addresses have been replaced with fictitious IPs.

If anyone has any suggestions I'd love to hear them.

Thanks, in advance.

John