Hey all - I'm sure I'm missing something very basic, but my goal is to use policy based routing to direct traffic between certain networks across a dedicated link. 10.99.0.1 has a valid route to 10.10.1.0 and 10.10.2.0.
I would prefer traffic from 10.0.0.0 /24 and 10.1.0.0 /24 that is destined for 10.10.1.0 /24 and 10.10.2.0 /24 to use 10.99.0.1 as a next hop.
Here is the config I built, which didn't seem to work for me. For this example, vlan1 and vlan2 SVIs have an IP of 10.0.0.1 and 10.1.0.1 respectively. Can anyone point out where I've made a mistake?
ip access-list PRI-SEC-10.0.0.0
10 permit ip 10.0.0.0/24 10.10.1.0/24
20 permit ip 10.0.0.0/24 10.10.2.0/24
ip access-list PRI-SEC-10.1.0.0
10 permit ip 10.1.0.0/24 10.10.1.0/24
20 permit ip 10.1.0.0/24 10.10.2.0/24
route-map PRI-SEC-ASR permit 10
match ip address PRI-SEC-10.0.0.0
set ip next-hop 10.99.0.1
route-map PRI-SEC-ASR permit 20
match ip address PRI-SEC-10.1.0.0
set ip next-hop 10.99.0.1
int vlan1
ip policy route-map PRI-SEC-ASR
int vlan2
ip policy route-map PRI-SEC-ASR
No comments:
Post a Comment