Announcement

Collapse
No announcement yet.

set route-map on cisco switch l3

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • set route-map on cisco switch l3

    Hello Friends,

    I am trying to configure route-map to redirect web traffic to a proxy server, try it in a Cisco Catalyst 3560G L3 switch and an ASA 5510, in either have been unsuccessful.

    - In the switch I have this configuration:

    webcache-route-map redirect, permit, sequence 10
    Match clauses:
    ip address (access-lists): webtraffic
    September clauses:
    ip next-hop 192.168.10.1
    Policy routing matches: 0 packets, 0 bytes
    webcache-route-map redirect, permit, sequence 20
    Match clauses:
    September clauses:
    Policy routing matches: 0 packets, 0 bytes
    l3-core # sho access.-lists
    Extended IP access list webtraffic
    10 deny tcp host 192.168.10.1 eq www and Stock
    20 permit tcp host 192.168.2.10 eq www and Stock

    I'm trying now to add this route-map in the interface vlan 2 but does not have this option. Ios version is C3560-ipbase-m 12.2 (25) see4

    - In the case of Asa 5510, the version is asa723.k8.bin and I can not put the set policy.

  • #2
    Re: set route-map on cisco switch l3

    I think the feature you are wanting is Policy Based Routing (PBR)

    According to the cisco.com IOS feature navigator, the IPBASE image does not support PBR. You will need to upgrade to at least the IPSERVICES image in order to configure PBR.

    According to the ASA FAQ...

    Q. Can Cisco 5500 Series ASA do a Policy Based Routing (PBR) like Cisco Router? For example, mail traffic should be routed to first ISP while http traffic should be routed to the second one.

    A. Unfortunately, there is no way to do policy-based routing on the ASA at this time. It can be a feature that is added to the ASA in the future.

    Note: The route-map command is used in order to control how routes are redistributed between routing protocols like OSPF with the use of metrics and to not to redistribute regular traffic.

    Comment


    • #3
      Re: set route-map on cisco switch l3

      You can use WPAD to redirect webtraffic to a proxy server

      http://technet.microsoft.com/en-us/l.../cc713344.aspx

      It is however a client protocol.
      gerth

      MCITP sa, ea & va, [email protected]

      Comment


      • #4
        Re: set route-map on cisco switch l3

        Originally posted by scowles View Post
        I think the feature you are wanting is Policy Based Routing (PBR)

        According to the cisco.com IOS feature navigator, the IPBASE image does not support PBR. You will need to upgrade to at least the IPSERVICES image in order to configure PBR.

        According to the ASA FAQ...

        Q. Can Cisco 5500 Series ASA do a Policy Based Routing (PBR) like Cisco Router? For example, mail traffic should be routed to first ISP while http traffic should be routed to the second one.

        A. Unfortunately, there is no way to do policy-based routing on the ASA at this time. It can be a feature that is added to the ASA in the future.

        Note: The route-map command is used in order to control how routes are redistributed between routing protocols like OSPF with the use of metrics and to not to redistribute regular traffic.
        This is exactly what I'm trying to use, PBR, then I upgrade the IOS of Cisco 3560G switch, this is my core, and I have several access switch connected to the switch core, what implications will do the upgrade?, do I have to do in all switch's?

        Comment


        • #5
          Re: set route-map on cisco switch l3

          what implications will do the upgrade?

          Thats hard to say. As a frame of reference, I have successfully upgraded IOS image feature sets in the past without any impact. Your mileage may very though. I would suggest having a backout plan that includes reloading the current IOS iamge and configuration.

          do I have to do in all switch's?

          Without fully understanding your network topology, its hard to say if all switches will need to be upgraded. If your access layer switches are simply layer 2 switches, then I would say there is no need to upgarde these switches, just the core.

          Comment


          • #6
            Re: set route-map on cisco switch l3

            Originally posted by scowles View Post
            what implications will do the upgrade?

            Thats hard to say. As a frame of reference, I have successfully upgraded IOS image feature sets in the past without any impact. Your mileage may very though. I would suggest having a backout plan that includes reloading the current IOS iamge and configuration.

            do I have to do in all switch's?

            Without fully understanding your network topology, its hard to say if all switches will need to be upgraded. If your access layer switches are simply layer 2 switches, then I would say there is no need to upgarde these switches, just the core.
            Thankfully, excuse the many questions, I'm new at this, I have a couple more questions:

            1. I say that I have to put ios least ipservices is my current ios is ipbase, then the new system image file from my switch will be the ipservices?, this has all the characteristic of ipbase?.

            2. I have to pay for this ipservices to use it?

            Thanks again.

            Comment


            • #7
              Re: set route-map on cisco switch l3

              this has all the characteristic of ipbase?

              Yes

              I have to pay for this ipservices to use it?

              Technically, IOS feature sets like ipbase, ipservices, enterprise, etc... are licensed. But if this switch is currently under a SmartNet contract, you should be able to download the image from cisco.com and "test" without any additional charge.

              Comment


              • #8
                Re: set route-map on cisco switch l3

                Originally posted by scowles View Post
                this has all the characteristic of ipbase?

                Yes

                I have to pay for this ipservices to use it?

                Technically, IOS feature sets like ipbase, ipservices, enterprise, etc... are licensed. But if this switch is currently under a SmartNet contract, you should be able to download the image from cisco.com and "test" without any additional charge.
                I am grateful for all your help

                Comment

                Working...
                X