Hi

Yes the Internet Router is directly connected to the switch.

I am woundering the port where the Router is connected on the switch should be a normal port, or should I configure this as a non switch port.

Thank you

Hi,

1° ip routing must be enabled on the switch, verify with sh ip route output where you should see your SVIs as directly connected networks

2° you must have the correct SDM template for PBR: verify with sh sdm prefer and change if needed with sdm prefer, you'll nedd to reload for it to take effect

   you need this template for PBR:

Desktop dual IPv4 and IPv6 routing template

3° you need IPservices to be able to do PBR, verify with sh version | i IOS

4° of course the exit interface must be a L3 interface so a routed port(no switchport) or a SVI( int vlan)

Regards.

Alain

Don't forget to rate helpful posts.

I have all the requirements as per above.

The port on the switch where the router connects is a no switch port and I have given the IP, and router is directly connected to that port.

Just not sure where data cannot go to second router.

Can you paste the show ip route for the next-hop IPs you have configured on policy-map

Raju

Thank for your Email. The template that I have on the 3750 is  Desktop Routing and version is 15.0 (0) SE.

I think the routing is working as I have the below :

route-map newisp permit 10

match ip address 120

set ip next-hop 172.20.20.2

!

Gateway of last resort is 192.168.100.1 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 192.168.100.1

      172.20.0.0/16 is variably subnetted, 12 subnets, 2 masks

C        172.20.10.0/24 is directly connected, Vlan110

L        172.20.10.1/32 is directly connected, Vlan110

C        172.20.20.0/24 is directly connected, Vlan120

L        172.20.20.1/32 is directly connected, Vlan120

C        172.20.30.0/24 is directly connected, Vlan130

L        172.20.30.1/32 is directly connected, Vlan130

C        172.20.40.0/24 is directly connected, Vlan140

L        172.20.40.1/32 is directly connected, Vlan140

C        172.20.50.0/24 is directly connected, Vlan150

L        172.20.50.1/32 is directly connected, Vlan150

--More--

003201: *Mar  1 23:59:57.542: %SEC-6-IPACCESSLOGDP: list 100 denied icmp 172.20.

20.80 -> 192.168.171.30 (3/3), 1 packet

C        172.20.60.0/24 is directly connected, Vlan180

L        172.20.60.1/32 is directly connected, Vlan180

      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.10.0/24 is directly connected, Vlan10

L        192.168.10.1/32 is directly connected, Vlan10

      192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.20.0/24 is directly connected, Vlan20

L        192.168.20.1/32 is directly connected, Vlan20

C     192.168.28.0/22 is directly connected, Vlan30

      192.168.30.0/32 is subnetted, 1 subnets

L        192.168.30.1 is directly connected, Vlan30

      192.168.40.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.40.0/24 is directly connected, Vlan40

L        192.168.40.1/32 is directly connected, Vlan40

      192.168.50.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.50.0/24 is directly connected, Vlan50

L        192.168.50.1/32 is directly connected, Vlan50

      192.168.60.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.60.0/24 is directly connected, Vlan60

L        192.168.60.1/32 is directly connected, Vlan60

      192.168.70.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.70.0/24 is directly connected, Vlan70

L        192.168.70.1/32 is directly connected, Vlan70

      192.168.80.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.80.0/24 is directly connected, Vlan80

L        192.168.80.1/32 is directly connected, Vlan80

      192.168.90.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.90.0/24 is directly connected, Vlan90

L        192.168.90.1/32 is directly connected, Vlan90

      192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.100.0/24 is directly connected, GigabitEthernet2/0/35

L        192.168.100.2/32 is directly connected, GigabitEthernet2/0/35

C     192.168.168.0/22 is directly connected, Vlan1

      192.168.168.0/32 is subnetted, 1 subnets

L        192.168.168.168 is directly connected, Vlan1

Hi,

what is the result of a traceroute on a host from each subnet ?

Regards.

Alain

Don't forget to rate helpful posts.

Hi

I can ping  and run the tracert, but I cannot get the Internet data.

I can ping the switch port - which connect to the Router..but I cannot get to the router..

Hi,

what do you mean i can't get the internet data? so you can ping and traceroute to 8.8.8.8 but cannot get a web page( either by name or by IP) ?

Regards.

Alain

Don't forget to rate helpful posts.

My Route Map is Set, but I get ping google.com..

Even tracert does not work.

My switch port ip is 192.168.200.2 - 255.255.255.0

and the Router is 192.168.200.10/24

pbr is enable and route Map is applied to the int Vlan180.

I cannot get access to any Data. and when I apply the Ip policy I get the following error : ""PLATFORM PBR 3 UNSUPPORTED RMAP : Route Map kddi not supported for PBR..""

Please advise.

Thank you