Overview

To use PBR, you should specify the behavior of the router interfaces connecting to the LAN, the WAN, and the out-of-path Exinda appliances.

This article explains how to configure a router connected to two subnets and two Exinda appliances for PBR.

To see how to configure an Exinda appliance for PBR on two subnets, refer to the following articles:

CAUTION! Use IP addresses, subnets, and network masks that work in your environment. The IP addresses in this article are for demonstration purposes.

Process

Launch the router's CLI.

To enter the privileged EXEC (enable) mode, run the command at the prompt:
```
hostname > enable
```

The hostname # prompt appears.

To enter the configuration (config) mode, run the command at the prompt:
```
hostname # configure terminal
```

The hostname (config)# prompt appears.

Configure the parameters for the LAN interface (Fa0/1/1).

Specify the interface to configure:

hostname (config)# interface FastEthernet0/1/1

Set the IP address and netmask of the LAN interface:

hostname (config-if)# ip address 172.16.12.1 255.255.0.0

Set a description for what the router interface is connecting to:
```
hostname (config-if)# description Connected to EX-IN
```
Set the route map for policy routing with the name DivtEx1theEx2:
```
hostname (config-if)# ip policy route-map DivtEx1theEx2
```

Set the duplex and speed parameters for the interface:

hostname (config-if)# duplex auto
hostname (config-if)# speed auto

Configure the interface parameters for the out-of-path Exinda Appliance #1 (Gig0/0/0).

Specify the interface to configure:

hostname (config)# interface GigabitEthernet0/0/0

Set a description for what the router interface is connecting to:
```
hostname (config-if)# description Connected to EX-OOP-1
```

Set the IP address of the out-of-path Exinda appliance:

hostname (config-if)# ip address 10.10.10.1 255.255.255.0

Set the duplex and speed parameters for the interface:

hostname (config-if)# duplex auto

hostname (config-if)# speed auto

Configure the interface parameters for the out-of-path Exinda Appliance #2 (Gig0/0/1).

Specify the interface to configure:

hostname (config-if)# ip policy route-map DivtEx1theEx2

hostname (config)# interface GigabitEthernet0/0/1

Set a description for what the router interface is connecting to:
```
hostname (config-if)# description Connected to EX-OOP-2
```

Set the IP address of the out-of-path Exinda Appliance:

hostname (config-if)# ip address 10.10.20.1 255.255.255.0

Set the duplex and speed parameters for the interface:

hostname (config-if)# duplex auto

hostname (config-if)# speed auto

Configure the parameters for the WAN interface (Gig0/1).

Specify the interface to configure:

hostname (config)# interface GigabitEthernet0/1

Set a description for what the router interface is connecting to:
```
hostname (config-if)# description Connected to WAN
```

Set the IP address and netmask of the WAN interface:

hostname (config-if)# ip address 64.65.66.1 255.255.255.0

Set the route map for policy routing to asymmetrical:

hostname (config-if)# ip policy route-map

DivtEXOOP1thenEXOOP2

Set the duplex and speed parameters for the interface:

hostname (config-if)# duplex auto

hostname (config-if)# speed auto

Create an access list named 120 that allows devices in the specified IP address range to access the network.

hostname (config)# access-list 120 permit ip

172.16.0.0 0.0.0.255 64.65.66.0 0.255.255.255

hostname (config)# access-list 120 permit ip

64.65.66.0 0.255.255.255 172.16.0.0 0.0.255.255

Configure the route map to allow access to the routes specified in the access list (140), and route the traffic to the router.

route-map DivtEXOOP1thenEXOOP2 permit 10

match ip address 140

set ip next-hop 10.10.10.2 10.10.20.2

Articles in this section

Configuring a Router for Policy-Based Routing With Two Subnets

Overview

Process

Articles in this section

Overview

Process

Related articles