Hi oli, On Fri, Mar 7, 2008 at 7:41 PM, Oliver Boehmer (oboehmer) <[EMAIL PROTECTED]> wrote: > > match ip next-hop should also work. Not sure why it didn't, would need > to see the full config.. but in your case, I'd work with interfaces > (also use "set interface" in PBR route-map)..
I started off using 'set interface' in the PBR route-map -- I must've changed it during the troubleshooting process. I've changed it back now because I find it more 'readable'. Are there any other good reasons to use 'set interface' over 'set ip next-hop'? My 'match ip next-hop' config would've looked something like this: interface Serial0/0.740 point-to-point ip address 192.168.91.138 255.255.255.252 ! interface Serial0/1.742 point-to-point ip address 192.168.91.142 255.255.255.252 ! access-list 51 permit 192.168.91.137 ! access-list 52 permit 192.168.91.141 ! access-list 125 remark ** match HTTP to server 1 ** access-list 125 permit tcp any host 192.168.91.67 eq www access-list 125 remark ** match HTTP to server 2 ** access-list 125 permit tcp any host 192.168.91.3 eq www ! route-map App01-NAT-FOO1 permit 10 match ip address 125 match ip next-hop 51 ! route-map App01-NAT-FOO2 permit 10 match ip address 125 match ip next-hop 52 ! ip nat inside source route-map App01-NAT-FOO1 interface Serial0/1.742 overload ip nat inside source route-map App01-NAT-FOO2 interface Serial0/0.740 overload ! end cheers, Dale _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
