10-25-2006 10:19 AM - edited 03-05-2019 12:27 PM
Hi All,
I have a Catalyst 3750 which operates as an L3 switch.
8 routed VLANs 10.0.111.0/27 are configured on it.
All these VLANs were created for different types of guests: WiFi, wired and so on. ACLs on the Catalyst 3750 protect my LAN from guests and also protect different types of guests from each other.
But guests want to access Internet.
Corporate security policy requires that guests' Internet traffic must go through the MS ISA server. With a Cisco router I can do it with the help of PBR.
Something like:
route-map to-isa permit 10
 match ip address ACL_THAT_MATCHES_INET_TRAFFIC
 set ip next-hop MS_ISA_IP
But how can I do it with Catalyst switch?
10-25-2006 01:21 PM
PBR will work on a cat switch 3750 provided you have the EMI IMAGE...might be worth getting.
interface Vlan2
 ip address 10.0.111.1 255.255.255.224
 ip policy route-map pbr
access-list 10 permit 10.0.111.0 0.0.0.31
route-map pbr permit 10
 match ip address 10
 set ip next-hop "isa server"
If that doesn't work, how about VACLs?
10-25-2006 04:33 PM
Stick with VACLs if you can; PBR can be process intensive.
10-27-2006 12:31 AM
Thank you for the advice, but as far as I know only the EMI version of the Catalyst IOS supports this feature.
My C3750-IPSERVICESK9-M, Version 12.2(25)SEC doesn't support this feature.