Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
589
Views
0
Helpful
1
Replies

Policy Based Routing for Management

bob.bartlett
Level 1
Level 1

‎03-29-2011 08:00 PM - edited ‎03-06-2019 04:20 PM

1.  ASA Management Interface in correct VLAN and subnet

2.  Cisco 4507R Switch with routing turned on and multiple VLANS

          a.  Management workstations(VLAN 222, 10.10.34.64/27) need to access the Management network (VLAN 998, 10.10.34.0/26) via the ASA

          b.  No Access unless the traffic passes the ASA

3.  Need to set up PBR on the 4500 so that when a host on the 10.10.34.64 network tries to access a host on the 10.10.34.0 network it is routed to the ASA and then to the host and not routed from VLAN  interface to the other.

Here is example of my thoughts on configuration

Policy Based Routing
ip access-list ext MGT_TRAFFIC
permit ip any 10.10.34.0 0.0.0.63

route-map MANAGEMENT permit 10
match ip address MGT_TRAFFIC
set ip next-hop 10.10.60.1

interface vlan 222
ip policy route-map MANAGEMENT

----------                     -------------------------
ip access-list ext MGT_OUT
permit ip 10.10.34.0 0.0.0.63

route-map MGTOUT permit 11
match ip address MGT_OUT
set ip next-hop 10.10.34.1

interface vlan 998
ip policy route-map MGTOUT

Labels:
0 Helpful
1 Reply 1

mahmoodmkl
Level 7
Level 7

‎03-29-2011 11:13 PM

Hi,

i think there is no need to apply the PBR under u r vlan 998 interface.

Thanks

0 Helpful
Customers Also Viewed These Support Documents