Policy based routing
 

Hi all,

I have a 3550 L3 switch and I am trying to implement policy based
routing. My setup is as follows:


Firewall 1 -----------------Site to Site VPN
1----------------------Firewall 1---------PC2 x.x.x.x

|
|

|
|

|
|
PC1--------Switch
3550
|
|
|
|
|
|
|
|
|
|
| Firewall 2 -----------------Site to Site VPN
2--------------------------|
|
|__________ Appliance 1 y.y.y.y


Currently, the switch sends all traffic bound for PC2 through Firewall
1

I want traffic from Appliance 1 going to PC2 to pass through Firewall
2 instead.

To do this, I went into the Switch config and added the following:

access-list 123 permit ip y.y.y.y 0.0.0.255 x.x.x.x 0.0.0.255
route-map test_map permit 10
match ip address 123
set ip next-hop 192.168.0.1 (IP of inside interface of Firewall 2)
int vlan1
ip policy route-map test_map

As far as I can tell, It's set up according to examples in Cisco
documentation, but doesn't work. Can anyone see something I missed?
Thanks.

Al