10-19-2007 04:01 AM - edited 03-05-2019 07:12 PM
Hi guys, i am faced with a problem in which i want your expertise, my
scenario is like this
i have a router with 3 interfaces
F0/0 is connected to ISP 1 (primary link)
F0/1 is connected to ISP 2 (backup link )
F0/2 is connected to firewall
Internet traffic is mainly receieved on the primary link, the task
that i am given is that ALL the traffic that is arriving on Router
should be forwarded to firewall !!, we tried to use PBR but it didnt
worked but i will appreciate if you can still take it as an option and
try it coz its possible we might be making some mistake in configuring
PBR, but just in case if PBR doesnt work is this task possible ?? i
mean
no disrespect to any1 out here but please dont ask that why we want to
do it its some design issue as far as i know, so kindly tell me that is
it possible via any method ???
Thanks a lot in advance
waiting for positive feedback
10-19-2007 06:17 AM
Let's see your sanitized config.
10-19-2007 06:54 AM
my config is not much complex its very basic
hostname Router
interface fas 0/0
ip address x.x.x.x mask
no sh
int fas 0/1
ip address x.x.x.x mask
no sh
int fas 0/2
description itS_connected_to_firewall
ip address x.x.x.x mask
no sh
this is a very basic config i have written since i dont have the original config, what i am after is the technique by which we can forward traffic that is recieved on one interface to some other interface, for that do you still need the config ?? if there is anyway or feature in ios that can do it kindly share it with me
thanks
10-19-2007 07:08 AM
interface f0/0
ip policy route-map incoming
route-map incoming
set ip next-hop [firewall ip]
10-19-2007 11:47 PM
Sir i have tried it already but what i must conclude is that if the destination is routers own connected interface ip then it will not policy route it, becoz i have tried it by saying that see
access-list 111 permit ip any host (f0/0 ip )
route-map incoming
match ip address 111
set ip next-hop firewall-ip
int f 0/0
ip policy route-map incoming
now when from other router i ping this routers f0/0 interface it replies successfully and when i run debug it shows policy-rejected normal-forwarding
any ideas regarding my conclusion ???
thanks in advance
10-20-2007 06:20 AM
Please post the config you are currently working on, along with debugs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide