Policy Based Routing on a 7150 Series

  • 1
  • Question
  • Updated 1 month ago
Hi Everyone,

I'm testing a "Firewalla" firewall at home to see if it would be good at some point for my residential clients and there are a few features that haven't been implemented yet. Most notably static routes. I currently have a 7150 that's handling the routing. The "router" in my setups has always just been a gateway/firewall to the interwebs. I have a couple secondary VLANs that currently cannot get to the internet due to the above missing feature. I thought possibly adding a VLAN 15 in the Firewalla and then doing policy based routing for VLAN 15 so the devices can get to the internet. I got most of the way through, but when I attempt to apply the policy based route to the virtual interface, it says the command doesn't exist...

I was typing this based on the reference guide:

[email protected] Router(config-vif-15)#ip policy route-map Crestron-internet
Invalid input -> policy route-map Crestron-internet
Type ? for a list

Am I missing a step to enable policies? If I type ip ?, policy is not an option.

Sorry if this is a basic question or been answered before, but I can't figure it out. Thank you for any assistance.

Mike
Photo of Michael Newnam

Michael Newnam

  • 1 Post
  • 0 Reply Likes

Posted 2 months ago

  • 1
Photo of Jijo Panangat

Jijo Panangat, Employee

  • 137 Posts
  • 42 Reply Likes
Hello Michael,

You need to ensure the following to achieve PBR

1) Configure ACLs that specify all the conditions required to match the desired packets to be routed using PBR.

2) Configure a route map that matches on the ACLs and sets the route information.

3) Enable PBR by applying the route map globally or on an untagged interface or virtual interface.


From the above output, It looks like the route-map name isn't called correctly on Ve 15 (check for typos)

You may also refer the below link for configuration examples from FI security guide.

http://docs.ruckuswireless.com/fastiron/08.0.70/fastiron-08070-securityguide/GUID-1DB24706-D282-408C...


Thanks
Jijo