• Status: Solved

Policy based routing

Hello, I have this kind of configuration to do: I have a router with quite a simple configuration: two interfaces and a quick routing table.

I need some hosts to be routed to one default gateway and others to another (double internet connection).

I thought of using a route map, but the problem is as follows: the hosts that are handled by the route map use the right gateway, but ignore all other routes.

How can I fix this?

Basically I want some IPs to use a different IP as their default gateway, but both to continue to use the other routes ...

interface GigabitEthernet0/0
 ip address 192.168.4.100 255.255.254.0
 ip nat outside
 ip policy route-map switchugw
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 192.168.7.100 255.255.255.0
 ip access-group 101 in
 ip nat inside
 duplex full
 speed 100
!
ip route 0.0.0.0 0.0.0.0 192.168.4.240
ip route 10.10.100.0 255.255.255.0 192.168.4.240
ip route 10.10.200.0 255.255.255.0 192.168.4.240
ip route 192.168.0.0 255.255.255.0 192.168.4.240
ip route 192.168.2.0 255.255.254.0 192.168.4.240
ip route 192.168.6.0 255.255.255.0 192.168.4.205
ip route 192.168.8.0 255.255.255.0 192.168.4.205
ip route 192.168.9.0 255.255.255.0 192.168.4.205
ip route 192.168.10.0 255.255.255.0 192.168.4.240
ip route 192.168.40.0 255.255.255.0 192.168.4.201
ip route 192.168.100.0 255.255.255.0 192.168.4.240
ip route 192.168.110.0 255.255.255.0 192.168.4.240
ip route 192.168.200.0 255.255.255.0 192.168.4.240
!
ip access-list extended topix201
 permit ip host 192.168.4.33 any
 permit ip host 192.168.4.102 any
 deny   ip any any
!
route-map switchugw permit 10
 match ip address topix201
 set ip next-hop 192.168.4.201
!

Asked by: Faber82
1 Solution
 
Marijan77 Commented:
You may set 'deny' rules to exclude local routing, so this is how access-list topix201 needs to be:

ip access-list extended topix201
 deny ip host 192.168.4.33 10.10.0.0 0.0.255.255
 deny ip host 192.168.4.102 10.10.0.0 0.0.255.255
 deny ip host 192.168.4.33 192.168.0.0 0.0.255.255
 deny ip host 192.168.4.102 192.168.0.0 0.0.255.255
 permit ip host 192.168.4.33 any
 permit ip host 192.168.4.102 any
 deny   ip any any

Simply exclude all subnets that you don't want to be parsed through the route-map.
 
Faber82 (Author) Commented:
OK, I will try with this. Do you know if I can also use:
deny ip any 10.10.0.0 0.0.255.255

because in the future I need to add more IPs to that ACL and I prefer not to duplicate each string.

Thanks
 
Faber82 (Author) Commented:
Yes, it also works with any ;)

Thank you very much for the help!
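
Added example (not part of the original thread): a small Python model of why the fix above works. In a policy-routing ACL, `permit` means "apply `set ip next-hop`", while `deny` means "do not policy-route, use the normal routing table". The route list is a subset of the question's static routes in CIDR form, the second `deny ip any ...` line extends the asker's `any` variant to 192.168.0.0/16 as an assumption, and 203.0.113.10 is a constructed stand-in for an Internet destination.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")      # (base, wildcard) form of "any"
def host(a): return (a, "0.0.0.0")        # (base, wildcard) form of "host a"

# ACL topix201 as posted in the question
ORIGINAL = [("permit", host("192.168.4.33"), ANY),
            ("permit", host("192.168.4.102"), ANY),
            ("deny", ANY, ANY)]
# Corrected ACL, written with the "any" source from the follow-up comment
FIXED = [("deny", ANY, ("10.10.0.0", "0.0.255.255")),
         ("deny", ANY, ("192.168.0.0", "0.0.255.255")),
         ("permit", host("192.168.4.33"), ANY),
         ("permit", host("192.168.4.102"), ANY),
         ("deny", ANY, ANY)]
# Subset of the question's static routes, in CIDR form
ROUTES = [("0.0.0.0/0", "192.168.4.240"), ("10.10.100.0/24", "192.168.4.240"),
          ("192.168.6.0/24", "192.168.4.205"), ("192.168.40.0/24", "192.168.4.201")]

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def wc_match(addr, base, wildcard):
    # Cisco wildcard mask: 1-bits are "don't care", 0-bits must match
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)

def table_next_hop(dst):
    # Normal forwarding: longest-prefix match over the static routes
    d = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(n), gw) for n, gw in ROUTES
            if d in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def next_hop(acl, src, dst, policy_hop="192.168.4.201"):
    # route-map switchugw permit 10: first matching ACL line decides
    for action, (sb, sw), (db, dw) in acl:
        if wc_match(src, sb, sw) and wc_match(dst, db, dw):
            if action == "permit":
                return policy_hop         # set ip next-hop
            break                         # deny: packet is not policy-routed
    return table_next_hop(dst)

if __name__ == "__main__":
    for name, acl in (("original", ORIGINAL), ("fixed", FIXED)):
        for dst in ("192.168.6.10", "203.0.113.10"):
            print(name, "192.168.4.33 ->", dst, "via",
                  next_hop(acl, "192.168.4.33", dst))
```
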
Question has a verified solution.