From: Biggs, Jeff \(M/CIO/BIE\) (JBiggs@usaid.gov)
Date: Tue Jul 10 2007 - 08:25:43 ART
What I thought was a simple solution has become a bit blurred...
I have a 6500 that I am trying to simply redirect an inbound packet to
another next-hop IP address. The 6500 is IOS based with a
SUP720/PFC3/MFSC3 running adventerprisek9-122-18 SXF8. On VLAN A I have
a policy to match on packets from a source IP and to set the next hop IP
to a device on a VLAN that is directly connected out the other side of
the 6500 (VLAN B)
VLAN A------>6500-------->VLAN B
Sample config:
interface VlanB
description Connection to firewall-LAN
ip address 11.11.11.199 255.255.255.240
no ip redirects
interface VlanA
description Connection to SA26-ATM-LAN
ip address 12.23.45.67 255.255.255.240
no ip redirects
ip policy route-map NEXT-HOP
ip access-list extended NEXT-HOP
permit ip host 10.10.10.56 any
route-map NEXT-HOP permit 10
match ip address NEXT-HOP
set ip next-hop 11.11.11.201
route-map NEXT-HOP permit 20
Am I missing something here? This should be a simple setup, but as I
have found in this business, nothing is simple.
Jeffrey Biggs
Sr. Network Engineer
M/CIO/BIE
CCNP, CCDA
240-646-5003
jbiggs@usaid.gov <mailto:jbiggs@usaid.gov>
This e-mail is intended for the addressee only. If you are not the
intended recipient, please be aware that the unauthorised use or
disclosure of the information it contains, or the unauthorised copying
or re-transmission of the e-mail are strictly prohibited. Such action
may result in legal proceedings. If the e-mail has been sent to you in
error, please accept our apologies, advise the sender as soon as
possible and then delete the message. Under the Freedom of Information
Act 2000 / Data Protection Act 1998, the contents of this e-mail,
whether it is marked confidential or otherwise, may be disclosed.
This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:40 ART