Re: Help with PBR

Static route statements alone will not accomplish this. They will only
route the traffic from the remote site to the main site correctly. The
return traffic will not route correctly. This is because a static route
statement is based on the where the traffic is going to, not where it is
coming from. With a static route in use the 10.1.7.x network replies back
to the transmission - it will not be routed the way you want.

Main Site Router:
access-list 107 permit ip 10.1.7.0 0.0.0.255 any
access-list 108 permit ip any any
!
route-map sevennetwork permit 10
match ip address 107
set interface (interface)
route-map sevennetwork permit 20
match ip address 108
set interface (interface other)
!
interface (inside ethernet)
ip policy route-map sevennetwork

Remote Site Router:
access-list 107 permit ip any 10.1.7.0 0.0.0.255
access-list 108 permit ip any any
!
route-map sevennetwork permit 10
match ip address 107
set interface (interface)
route-map sevennetwork permit 20
match ip address 108
set interface (interface other)
!
!
interface (inside ethernet)
ip policy route-map sevennetwork

--

===========
Scott Perry
===========
Indianapolis, Indiana
________________________________________
<troute_kilgore@xxxxxxxxx> wrote in message
news:1183042158.778475.86210@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I know this is lame to ask, but I really need help creating policy
routing and don't have a test environment. Here is my scenario

Main Site has a PTP and a Frame relay going to a remote site.

Main Site:
FrameRelay IP S/0 : 10.1.130.129
PTP S/1 : 10.1.40.1
Internal Networks
10.1.8.x
10.1.7.x


Remote Site
Frame Relay: 10.1.130.130
PTP: 10.1.40.2
Networks
10.1.3.x
10.1.40.x
10.1.13.x

What I want to do: Any traffic from any subnet on the remote site
destined for 10.1.7.x should use the PTP line and not the frame relay.

Currently, I am using a static route statement, is that sufficient? My
question is, with the static route, will traffic returning to the main
site network of 10.1.7.x still use the PTP or will it use the frame
relay. I need it to use the PTP but only for traffic from the
10.1.7.x network. and that's why I think I need PBR. Any help would
be great.



.

Relevant Pages

  • Re: static routing
    ... You can't do it manually because the interface doesn't exist until the ... static route for the subnet of the remote site and select the demand dial ... When you make a connction to the server you use the name of the ... The packet goes to the default router ...
    (microsoft.public.windows.server.networking)
  • Re: static routing
    ... I wasn't talking about the remote branch router. ... connecting to a demand-dial interface, ... server can route to the corporate LAN but machines behind it cannot. ... A static route has been added that matches the subnet of the ...
    (microsoft.public.windows.server.networking)
  • Re: Return route not added on demand dial router
    ... demand-dial interface. ... > be in the gateway associated with that static route. ... >> link them to the demand dial interfaces at both ends. ...
    (microsoft.public.win2000.ras_routing)
  • Re: VPN Adding a static route to the client
    ... the problem is that the interface doesn't exist until the ... script which can get the "received" IP and plug it into the static route. ... And you can do it with CMAK (connection ... > I think what Rick is saying is that he doesn't want to have ALL of the VPN ...
    (microsoft.public.windows.server.networking)
  • Re: SBS2003 Routing Issue
    ... The static route was bound to the Network interface and not to ... > We added a static route in the Routing and Remote interface unde Static IP ... > Clients on the local subnet cannot ping the remote subnet. ...
    (microsoft.public.backoffice.smallbiz2000)