You need to use an extended ACL. ie:
access-list 144 permit ip 1.1.1.0 0.0.0.255 2.2.2.0 0.0.0.255 That says any traffic with a matching source of 1.1.1.0/24 going to a destination in the 2.2.2.0/24 range then send it to the PBR next hop configured. If you have overlapping route-map entries the first hit will be the one it takes. So you would need your more specific map entries first in the route-map. If On Mon, May 14, 2007 at 08:31:57AM -0400, Jeremy Stinson wrote: > Hello, > > I'm having an issue getting PBR to work properly when I try to do both > source and destination routing. I have the following config: > > interface FastEthernet1/0.103 > ip policy route-map client-outbound > > access-list 13 permit 1.1.1.1 0.0.0.15 > access-list 14 permit 2.2.2.2 0.0.0.15 > > route-map client-outbound permit 10 > match ip address 13 > set ip next-hop 4.4.4.4 > > This works, when enabled all traffic originating from 1.1.1.1/28 gets routed > to the correct place. But I want to say that any traffic coming from > 1.1.1.1/28 going to 2.2.2.2/28 goto next-hop 5.5.5.5. If I add a line of: > > route-map client-outbound permit 5 > match ip address 14 > set ip next-hop 5.5.5.5 > > Traffic is not matched and all traffic continues to go out rule #10. I also > tried: > > route-map client-outbound deny 5 > match ip address 14 > > And this doesn't help either. Any suggestions? This is running on 12.4(5a) > on a 7206/400. > > Thanks in advance for any pointers. > > Jeremy > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/