Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
484
Views
0
Helpful
0
Replies

Policy Based Routing with multiple next hops for port 80 and 443

mmercaldieze
Level 1
Level 1

‎12-07-2015 05:59 AM - edited ‎03-08-2019 02:59 AM

I have a client that wants all web traffic to go through their Palo Alto, it is in Virtual Wire (transparent mode, so there is only a management address.

the path the traffic will be taking is:

3850 Switch-->ISR 4321-->Layer 2 P2P-->ISR 4321-->Cisco 891-->Palo Alto-->ASA

In Virtual Wire mode there is no IP address, and the Palo Alto's do not do WCCP.

I tried Policy Based routing setting the next hop of the 3850 to be the 4321 and then the 4321's next hop to be the other 4321 which as a default route to the 891 router.

Using a TCP trace utilty I am seeing the traffic hitting the 891 router but it is not sending that traffic to its default route.  The 891 router is the default gateway of that office so the networks that it is running are go throught he Palo Alto to the ASA

I think that the issue would be that there are just too many next hops.  Is there a way to configure PBR to have the next hop be the 891 router?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card