On (2011-12-28 18:30 +1100), Reuben Farrelly wrote: Hey,
> Is GRE tunnelling supported on this platform? No clue, but probably possible in magic fpga. > We've a need to run GRE tunnels for a URL filtering solution at our > Head Office from outside the firewall, and policy routing + GRE is > the only way this can be set up with the upstream vendor. > > [Pretty sure policy routing is not supported on this platform yet > also but confirmation of this would be good as well]. Can't you do PBR+VRF? Match say destination port 80, and set vrf to say 'to-proxy', which only has default route towards proxy box. Then add static route for the customer network like so ip vrf from-proxy customer_net cust_int cust_nexthop In the interface facing web-proxy import from-proxy RT and export default route as to-proxy RT web-proxy needs no magic support. -- ++ytti _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
