Overview
To use PBR, you should specify the behavior of the router interfaces connecting to the LAN, the WAN, and the out-of-path Exinda appliances.
This article explains how to configure a router connected to two subnets and two Exinda appliances for PBR.
To see how to configure an Exinda appliance for PBR on two subnets, refer to the following articles:
-
Configuring an Exinda Appliance for PBR on Two Subnets Using Exinda Web UI
- Configuring an Exinda Appliance for PBR on Two Subnets Using CLI
CAUTION! Use IP addresses, subnets, and network masks that work in your environment. The IP addresses in this article are for demonstration purposes.
Process
- Launch the router's CLI.
- To enter the privileged EXEC (enable) mode, run the command at the prompt:
hostname > enable
- The hostname # prompt appears.
- To enter the configuration (config) mode, run the command at the prompt:
hostname # configure terminal
- The hostname (config)# prompt appears.
- Specify the interface to configure:
hostname (config)# interface FastEthernet0/1/1
- Set the IP address and netmask of the LAN interface:
hostname (config-if)# ip address 172.16.12.1 255.255.0.0
- Set a description for what the router interface is connecting to:
hostname (config-if)# description Connected to EX-IN
- Set the route map for policy routing with the name
DivtEx1theEx2:
hostname (config-if)# ip policy route-map DivtEx1theEx2
- Set the duplex and speed parameters for the interface:
hostname (config-if)# duplex auto hostname (config-if)# speed auto
- Specify the interface to configure:
hostname (config)# interface GigabitEthernet0/0/0
- Set a description for what the router interface is connecting to:
hostname (config-if)# description Connected to EX-OOP-1
- Set the IP address of the out-of-path Exinda appliance:
hostname (config-if)# ip address 10.10.10.1 255.255.255.0
- Set the duplex and speed parameters for the interface:
hostname (config-if)# duplex auto
hostname (config-if)# speed auto
- Specify the interface to configure:
hostname (config-if)# ip policy route-map DivtEx1theEx2
hostname (config)# interface GigabitEthernet0/0/1 - Set a description for what the router interface is connecting to:
hostname (config-if)# description Connected to EX-OOP-2
- Set the IP address of the out-of-path Exinda Appliance:
hostname (config-if)# ip address 10.10.20.1 255.255.255.0
- Set the duplex and speed parameters for the interface:
hostname (config-if)# duplex auto
hostname (config-if)# speed auto
- Specify the interface to configure:
hostname (config)# interface GigabitEthernet0/1
- Set a description for what the router interface is connecting to:
hostname (config-if)# description Connected to WAN
- Set the IP address and netmask of the WAN interface:
hostname (config-if)# ip address 64.65.66.1 255.255.255.0
- Set the route map for policy routing to asymmetrical:
hostname (config-if)# ip policy route-map
DivtEXOOP1thenEXOOP2 - Set the duplex and speed parameters for the interface:
hostname (config-if)# duplex auto
hostname (config-if)# speed auto
120 that allows devices in the specified IP address range to access the network.hostname (config)# access-list 120 permit ip
172.16.0.0 0.0.0.255 64.65.66.0 0.255.255.255
hostname (config)# access-list 120 permit ip
64.65.66.0 0.255.255.255 172.16.0.0 0.0.255.255
140), and route the traffic to the router.route-map DivtEXOOP1thenEXOOP2 permit 10
match ip address 140
set ip next-hop 10.10.10.2 10.10.20.2
Priyanka Bhotika
Comments