paxied asked:

Trying to set a policy-based route map on Catalyst 5750 to handle port 80 redirect

I am trying to configure a rule on my router that will force all port 80 traffic except that which is coming from a specific list of IP addresses. I am currently looking at route-maps. I have not found a way to set up the policy to reference first one then another list and assign a route based on which one made a hit. Since there cannot be more than one policy in effect on any given interface, I cannot simply create one policy and give it a lower numerical value than the other to assign precedence.

Currently I have an ACL with a test IP and a route-map policy that redirects any and all port 80 traffic from said IP to my proxy server. This works fine, but in order to implement it I have to assign the policy to the gateway port for that VLAN. We have a few web servers running on the same VLAN as some of our users' computers and cannot have the traffic from the web servers being run through a proxy server. We are trying to do this without having to restructure our VLANs.

When configuring a route-map I am using the following:

access-list 168 permit tcp host X.X.X.X any eq 80

route-map redirect permit 10
 ! 168 being the ACL containing the permission list identifying the IPs that are to be assigned this rule
 match ip address 168
 set ip next-hop X.X.X.X

int gi */*
 ip policy route-map redirect
Am I following the wrong track here? I have a default gateway configured and it is correct. I would think that lacking a hit on the above ACL it would follow the default gateway.
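
One way to express "redirect all port 80 traffic except a list of hosts" inside a single route-map, as an added example that is not part of the original post or of any reply to it. It relies on standard IOS policy-routing behaviour: a packet matched by a `deny` sequence, or by no sequence at all, is forwarded by the normal routing table. The ACL number 167, the 192.0.2.x addresses and the interface name are constructed placeholders, and support for `deny` sequences on the poster's specific switch and software release is an assumption to verify.

```cisco
! Constructed example values (RFC 5737 documentation range); substitute your own.
!
! ACL 167: sources that must NOT be redirected.
! Include the proxy itself if it sits behind the same interface,
! otherwise its own outbound port 80 traffic is looped back to it.
access-list 167 permit tcp host 192.0.2.10 any eq 80
access-list 167 permit tcp host 192.0.2.11 any eq 80
access-list 167 permit tcp host 192.0.2.50 any eq 80
!
! ACL 168: every other source sending to TCP port 80.
access-list 168 permit tcp any any eq 80
!
! Sequences are evaluated in ascending order and the first match wins.
! Sequence 5: exempt hosts hit a deny clause, so they are not policy
! routed and follow the default gateway as usual.
route-map redirect deny 5
 match ip address 167
!
! Sequence 10: remaining port 80 traffic is sent to the proxy.
route-map redirect permit 10
 match ip address 168
 set ip next-hop 192.0.2.50
!
! One policy per interface is enough, because the precedence lives
! in the sequence numbers of the single route-map.
interface GigabitEthernet1/0/1
 ip policy route-map redirect
```

After applying it, `show route-map redirect` lists per-sequence policy-routing match counters, which shows whether exempt hosts are landing on sequence 5 and everyone else on sequence 10.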
bec0s:

This solution is only available to members.
paxied:


Thanks for the post. I cannot believe I had forgotten about that.