[c-nsp] 4503 route-map problem

gokhan senol gokhanciscottl at yahoo.com
Wed May 23 03:04:45 EDT 2007 

hi
i have two 4503 switches that connected eachother via wireless.
both side has their internet connection. but side A has metro ethernet and what i wanna do is that divert sideB's http traffic to metroE on side A
for that reason i made the config below on sideB
10.1.1.101 is a  JuniperFirewall which terminates metroE connection on sideA
other traffic which is not http should go out from sideB's internet connection.

vlan 20  >> 10.0.1.0   
vlan 10  >>  10.1.0.0   

i can reach i mean that i can ping 10.1.1.101 (my next hop for route-map)  from the sideB switch and also all computers on sideB.
But when i check from whatismyip.com I see that my ip is not metroE but the sideB's internet ip.
it is not a ios problem coz it runs at another customer with same ios

ios    cat4000-i9s-mz.122-25.EWA6.bin

what the problem can be.  which parameters should i check
thansk a lot



interface Vlan20
 description  SIDE --- B ---
 ip address 10.0.1.100 255.255.252.0
 ip policy route-map http

access-list 111 deny   tcp any 172.16.0.0 0.0.0.255
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq 443
!
route-map traffic permit 10
 match ip address 111
 set ip next-hop 10.1.1.101  (fw  on sideA)
!
ip local policy route-map http
ip route 0.0.0.0 0.0.0.0 10.0.1.101 (fw on sideB)
ip route 10.1.0.0 255.255.252.0 192.168.100.1


sideA fw  output  
..........................................................
   Send ICMP echos to 10.0.1.5, timeout is 2 seconds,  maximum hops are 32 
1       2ms     1ms     1ms     10.1.1.100
2       16ms    22ms    20ms    192.168.100.101
3       1ms     2ms     1ms     10.0.1.5   (pc from sideB)
Trace complete
NSGW-> 
..............................................................
sideB switch ping test

4503#ping 10.1.1.101
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.101, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/28 ms
4503#


       
____________________________________________________________________________________Ready for the edge of your seat? 
Check out tonight's top picks on Yahoo! TV. 
http://tv.yahoo.com/

More information about the cisco-nsp mailing list