For When You Can't Have The Real Thing
[ start | index | login ]
start > Netscreen > Policy Based Routing Example

Policy Based Routing Example

Created by dave. Last edited by dave, one year and 75 days ago. Viewed 1,623 times. #6
[diff] [history] [edit] [rdf]


In this case we have one local network, which needs to reach local networks and over a VPN, which is connected to tunnel.43. We are using PBR because we already have a remote partner VPN network using, which would collide. The Customer's local network is on local interface redundant2.33.

set vrouter "Public-VR"
set access-list extended 25 src-ip dst-ip protocol any entry 1
set access-list extended 25 src-ip dst-ip protocol any entry 2
set match-group name Customer-Outbound
set match-group Customer-Outbound ext-acl 25 match-entry 1
set action-group name CustomerVPN
set action-group CustomerVPN next-interface tunnel.43 action-entry 1
set pbr policy name CustomerVPN-PBR
set pbr policy CustomerVPN-PBR match-group Customer-Outbound action-group CustomerVPN 1
set interface redundant2.33 pbr CustomerVPN-PBR
no comments | post comment

Virtual Dave Megaplex:

Internet Explorer 6 Users >>Click Here

(read this note about local search)

Logged in Users: (0)
… and 7 Guests.

Editing: snipsnap-help, Image Macro

(Et auditum est, et idcirco ego nunc simulare)

Installed 7 years and 100 days ago
Powered By >>SnipSnap Version 1.0b1-uttoxeter

This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful: | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt