Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - Interface
  3. Articles

Configuring a Router for a Basic Policy-Based Routing Topology

Overview

While deploying your Exinda Appliance in a basic PBR topology, you must specify how the router should handle the traffic coming from the out-of-path Exinda Appliance, the WAN, and the LAN.

This article provides step-by-step instructions on how to configure a router for a basic PBR topology.

 

CAUTION!

Configure your router using the IP addresses that correspond to your network. The IP addresses and netmasks used in this article are for demonstration purposes only.

 

Process

  1. Launch the router's Command-Line Interface (CLI).
    • To enter the privileged EXEC (enable) mode, run the following command:

      hostname > enable
      • The hostname # prompt appears.
    • To enter the configuration (config) mode, run the following command:

      hostname # configure terminal
      • The hostname (config)# prompt appears.
  2. Configure the interface parameters for the Exinda appliance installed out-of-path (Gig0/0).
    1. Specify the interface to configure:

      hostname (config)# interface GigabitEthernet0/0
    2. Set the IP address of the out-of-path Exinda Appliance: 

      hostname (config-if)# ip address 10.10.10.1 255.0.0.0
    3. Set the duplex and speed parameters for the interface:

      hostname (config-if)# duplex auto
      hostname (config-if)# speed auto
  3. Configure the parameters for the WAN interface (Gig0/1).
    1. Specify the interface to configure:

      hostname (config)# interface GigabitEthernet0/1
    2. Set the IP address and netmask of the WAN interface:

      hostname (config-if)# ip address 64.65.66.1 255.255.255.0
    3. Set the route map for policy routing to asymmetrical:

      hostname (config-if)# ip policy route-map Asym
    4. Set the duplex and speed parameters for the interface:

      hostname (config-if)# duplex auto
      hostname (config-if)# speed auto
  4. Configure the parameters for the LAN interface (Fa0/1/1).
    1. Specify the interface to configure:

      hostname (config)# interface FastEthernet0/1/1
    2. Set the IP address and netmask of the LAN interface:

      hostname (config-if)# ip address 172.16.12.1 255.255.0.0
    3. Set the route map for policy routing with the name Asym:

      hostname (config-if)# ip policy route-map Asym
    4. Set the duplex and speed parameters for the interface:

      hostname (config-if)# duplex auto
hostname (config-if)# speed auto
  5. Create an access list named 120 that allows devices in the specified IP address range to access the network.

    hostname (config)# access-list 120 permit ip
    172.16.0.0 0.0.255.255 64.65.66.0 0.0.0.255
    
hostname (config)# access-list 120 permit ip
    64.65.66.0 0.0.0.255 172.16.0.0 0.0.255.255
  6. Configure the route map to allow access to the routes specified in the access list (120), and route the traffic to the router.

    route-map Asym permit 10
    
match ip address 120
    
set ip next-hop 10.10.10.2

 

Related Article

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments