Guest
Posted: Wed Aug 22, 2007 3:39 pm Post subject: ip route not being used on 1812
Hi All,
I have set up policy routing on a Cisco 1812.
However, the ip route functionality does not seem to be working.
I have this setup.
   { INTERNET }
     |      |
     |      |
    [1]    [2]     Modems 165.228.170.213, 203.38.223.125
     |      |
     |      |      Wan Ports 165.228.170.214, 203.38.223.126
    [ 1812 ]
        | 203.36.134.33
        |
        | 203.36.134.34
 [Linux fw/gateway]
        | 203.37.109.49
        |
      [DMZ] 203.37.109.48/28
The problem is that, from the DMZ, I can't ping or connect to anything
further out than the internal interfaces of either modem - Packets
just aren't getting routed back in through the fw/gateway. I can
connect and ping the Internet from the fw/gateway.
On the 1812, the ip set up is this:
interface Vlan1
 ip address 203.36.134.33 255.255.255.252
 no ip route-cache cef
 ip route-cache policy
 ip policy route-map managed_traffic_01
!
!
ip route 0.0.0.0 0.0.0.0 203.38.223.125
ip route 0.0.0.0 0.0.0.0 165.228.170.213 2
ip route 203.37.109.48 255.255.255.240 203.36.134.34 permanent
Here is the policy map configuration.
!
no ip http server
no ip http secure-server
!
ip access-list extended NAT
 permit ip any any
!
access-list 103 permit tcp 203.36.134.32 0.0.0.3 any eq smtp
access-list 103 permit tcp 203.36.134.32 0.0.0.3 eq www any
access-list 103 permit tcp 203.36.134.32 0.0.0.3 eq 81 any
access-list 103 permit tcp 203.36.134.32 0.0.0.3 eq 443 any
access-list 111 permit ip any 203.37.109.48 0.0.0.15
!
!
!
route-map managed_traffic_01 permit 10
 match ip address 103
 set ip next-hop 165.228.170.213
!
route-map managed_traffic_01 permit 20
 set ip default next-hop 203.38.223.125
!
!
!
I cannot figure out why the ip route functionality isn't working. Does the
route policy have something to do with this?
The ISP has routing entries for both routes into this setup, one
normal priority (modem 2), and one low (modem 1).
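To see which route-map clause a packet arriving on Vlan1 hits under the configuration posted above, the following is an added example, not part of the original post and not Cisco code. It is a simplified model that assumes only the posted access-list 103, route-map managed_traffic_01 and the three static routes, evaluates packets as they arrive (before any NAT), and uses constructed sample packets.

```python
import ipaddress

# Simplified model (assumption): only ACL 103, the route-map and static routes as posted.
LINK = ipaddress.ip_network("203.36.134.32/30")   # 203.36.134.32 0.0.0.3
ANY = ipaddress.ip_network("0.0.0.0/0")
# (proto, src_net, src_port, dst_net, dst_port); None means "any port"
ACL_103 = [
    ("tcp", LINK, None, ANY, 25),    # ... any eq smtp
    ("tcp", LINK, 80, ANY, None),    # ... eq www any
    ("tcp", LINK, 81, ANY, None),    # ... eq 81 any
    ("tcp", LINK, 443, ANY, None),   # ... eq 443 any
]
# Static routes as posted: (prefix, next hop, administrative distance)
STATIC = [
    (ipaddress.ip_network("0.0.0.0/0"), "203.38.223.125", 1),
    (ipaddress.ip_network("0.0.0.0/0"), "165.228.170.213", 2),
    (ipaddress.ip_network("203.37.109.48/28"), "203.36.134.34", 1),
]

def acl_permits(acl, pkt):
    """First-match evaluation; implicit deny when nothing matches."""
    src, dst = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
    for proto, snet, sport, dnet, dport in acl:
        if (pkt["proto"] == proto and src in snet and dst in dnet
                and sport in (None, pkt["sport"]) and dport in (None, pkt["dport"])):
            return True
    return False

def rib_lookup(dst):
    """Longest prefix first, then lowest administrative distance."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in STATIC if addr in r[0]]
    return min(hits, key=lambda r: (-r[0].prefixlen, r[2])) if hits else None

def forward(pkt):
    """Return (reason, next_hop) for a packet arriving on Vlan1."""
    if acl_permits(ACL_103, pkt):                    # route-map permit 10
        return ("route-map 10: set ip next-hop", "165.228.170.213")
    route = rib_lookup(pkt["dst"])                   # permit 20 has no match clause
    if route is None or route[0].prefixlen == 0:     # no explicit route to dst
        return ("route-map 20: set ip default next-hop", "203.38.223.125")
    return ("routing table", route[1])

if __name__ == "__main__":
    # Constructed packet: DMZ host to a documentation-range web server
    dmz = {"proto": "tcp", "src": "203.37.109.50", "sport": 40000,
           "dst": "198.51.100.10", "dport": 80}
    print(forward(dmz))
```

In this model a packet with a DMZ source address never matches access-list 103, whose source is the 203.36.134.32/30 link subnet, so it falls through to sequence 20.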