I am seeing a strange problem with a 3640 running 12.0(7)XK1. It is the
border router for an ISP.
A user who is assigned an IP address, cannot get his VPN to work with the
remote destination, whenever I enable policy routing on the ingress
interface of this 3640. I will post a breif part of the config:
interface FastEthernet0/0
ip address 12.4.96.1 255.255.255.0
no ip directed-broadcast
ip ospf priority 4
duplex auto
speed auto
ip policy route-map proxy-redirect
access-list 110 permit tcp 65.162.20.0 0.0.0.31 any eq www
route-map proxy-redirect permit 10
match ip address 110
set ip next-hop 12.4.96.16
!
route-map proxy-redirect permit 20
This user is not on 65.162.20.0/27 at all. Yet adding the route map to
f0/0 messes this users VPN up. My understanding is that the packets that
don't match list 110, should be unchanged. Can anyone speculate?
Brian
-----------------------------------------------
I'm buying used CISCO gear!!
email me for a quote
Brian Feeny e:signal@shreve.net
CCNP+Voice/ATM/Security p:318.222.2638x109
CCDP f:318.221.6612
Network Administrator
ShreveNet Inc. (ASN 11881)
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:30 EDT