[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 629
  • Last Modified:

Need to forward outbound FTP traffic to different gateway via Cisco Switch?

I need to forward outbound FTP traffic to different gateway via Cisco Switch?

Is this possible via a ip route or something?

Thanks in advance for the help...
0
jpquonce
Asked:
jpquonce
  • 6
  • 4
1 Solution
 
ionut_mirCommented:
What kind of switch do you have? Layer 2 or layer3?
0
 
jpquonceAuthor Commented:
It is a layer 3 and it is a Cisco 3550 switch
0
 
ionut_mirCommented:
I tried to simulate you situation but a didn't succeed.
You can try to configure something like this:

access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any eq ftp-data

route-map ftp
match ip address 101
set interface fa0/2 - outbound interface

interface fa0/1  - inbound interface
ip policy route-map ftp

I am not sure if your switch supports these features, but you can try :).
0
Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

 
lrmooreCommented:
I think you need the advance IP services IOS version of the 3550 switch to enable policy based routing, but ionut_mir is on the right track.

You can try just a little different:

access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any eq ftp-data

route-map ftp
match ip address 101
set ip nex-hop <ip address of gateway>

interface vlan 1 <== client data vlan
  ip policy route-map ftp
0
 
jpquonceAuthor Commented:
It took all that code EXCEPT:

ip policy route-map ftp

What should I do now?

0
 
jpquonceAuthor Commented:
bumped up points to 500
0
 
jpquonceAuthor Commented:
is there something else I need to do to activate this command?
ip policy route-map ftp
0
 
ionut_mirCommented:
As Irmoore said you should try to update your switch IOS.
What IOS version do you have now?
0
 
jpquonceAuthor Commented:
Version 12.1(8)EA1c
0
 
ionut_mirCommented:
Try to update your software. It seems that version 12.1 doesn't support Policy Based Routing.
0
 
jpquonceAuthor Commented:
Seems this is my issue for ip policy:

http://supportwiki.cisco.com/ViewWiki/index.php/User_is_unable_to_configure_PBR_on_a_Catalyst_3550_switch

BUt it is calling for the extended-match and that wasn't added until 12.1(11)EA1.

I have never used this command and I don't know if I will be upgrading the IOS or not at this time.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now