PBR problem

 
 
paolo.caforio@gmail.com
      05-08-2012

Dear All,



I have a problem configuring a PBR to let a server use as next hop a remote site connected by a GRE tunnel.



The layout is:



LAN ---- (vlan1) Router1 (Tunnel624) ---------GRE---------(Tunnel624) Router2 ---- Internet



The objective is to PAT a server (172.18.2.100) located in my LAN on Router2 using its data line.





Router 1 config is:



interface Tunnel624
 ip address 172.26.252.25 255.255.255.252
 tunnel source FastEthernet0/0
 tunnel destination "public R2 IP address"

interface Vlan1
 ip address 172.18.2.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip policy route-map PBR

ip access-list extended PBR
 permit ip host 172.18.2.100 any log

route-map PBR permit 10
 match ip address PBR
 set ip next-hop 172.26.252.26
!



On Router2 the configuration is the following:



interface Tunnel624
 ip address 172.26.252.26 255.255.255.252
 ip nat inside
 tunnel source Loopback0
 tunnel destination "public R1 IP address"
!
interface FastEthernet0/0
 ip address "public R2 IP address"
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!

ip route 172.18.2.0 255.255.255.0 172.26.252.25

ip nat inside source static tcp 172.18.2.100 80 "public R2 IP address" 80 extendable





R2 and the server LAN can communicate perfectly.

The problem is that no requests are received by the server if they come from the "public R2 IP address".



On R1 a "debug ip packets" gives the following "access denied" even if no access lists on the involved interfaces are configured.





*May 7 12:03:35.683: IP: tableid=0, s="My Public IP" (Tunnel624), d=172.18.2.100 (Vlan1), routed via FIB
*May 7 12:03:35.687: IP: s="My Public IP" (Tunnel624), d=172.18.2.100 (Vlan1), len 48, access denied
*May 7 12:03:35.687: TCP src=50359, dst=80, seq=1253016140, ack=0, win=8192 SYN



Have you any idea?



thanks,



Paolo
 