• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 725
  • Last Modified:

Cisco router to check source address for routing


I have 2811 and 2621 routers that I am working with.  I would like to be able to route a particular workstation to a different gateway of last resort to test out a new firewall.  All other systems should go the current firewall which is the existing gateway of last resort.

Here's what the router table should look like (if possible):

Source          Mask                            Destination             Mask                   Next Hop
---------          ---------                        --------------            ---------               ---------------
10.1.1.100     255.255.255.255         0.0.0.0                    0.0.0.0                10.1.1.2
0.0.0.0           0.0.0.0                         0.0.0.0                    0.0.0.0                10.1.1.1.

As you can see, I want 10.1.1.100 to use 10.1.1.2 (new firewall) while all others should continue to use the existing firewall at 10.1.1.1    

I know that the XP workstation can have its local route table modified, but I would prefer to handle this at the router as it is going to expand to many workstations as I migrate them over to the new firewall.

Any suggestions?  Thank you!
0
DilbertW01
Asked:
DilbertW01
1 Solution
 
JFrederick29Commented:
This should do it:

access-list 10 permit host 10.1.1.100

route-map internet permit 10
match ip address 10
set ip default next-hop 10.1.1.2

interface fa0/1                   <--connected to 10.1.1.0 LAN
 ip policy route-map internet

When you want to route other workstations to the new Firewall, simply add an entry for the source IP to access-list 10 in this example.
0
 
DilbertW01Author Commented:
Dead-on answer!!!!  Worked great!  Thank you for the fast response and great answer!
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now