Tuesday, November 19, 2024
Latest:

Policy Based Routing or PBR with PPPoE Link on Cisco ASA

edledge
edledge Cisco logo
Views: 254

Scenario:
Make: Cisco
Model: ASA 5506-X, ASA 5506 W-X, ASA 5508-X, Cisco ASA 5500 Series
Mode: GUI
Version: ASA version 9.x or later, ASDM version 7.x or later
Description: In this article, we will discuss the stepwise method of how to resolve the issue when the Policy Based Routing or PBR on Cisco ASA Firewalls does not work as expected with the PPPoE internet line. PBR is used to route the traffic on different criteria and you could route traffic of an interface or vlan via dedicated internet line.

Problem

Sometimes it happens, the routing of a particular vlan or interface or subnet does not work as expected after applying PBR especially with the PPPoE internet line on Cisco ASA. Refer to the article below to understand how to configure PBR.

Policy Based Routing/PBR Configuration on Cisco ASA – GUI

Solution

If you have the internet line with the static IP then the PBR configuration as mentioned in the above article will help but if you are having internet line which supports DHCP or PPPoE then the routing will not work as expected. To resolve the issue, follow the steps as mentioned below.

This can also be used for the internet having static IP. This basically helps to route the traffic over interface rather over assigned next hop IP.

Step1: Login
Login to the ASA using username and password through ASDM.

ASA ASDM Login

Step2Route Map
Navigate to Route Map and then click “Add”. Follow the steps shown in the image below.

cisco_asa_pbr

Step2aMatch Clause
Name the route map and define the sequence. Also, create the access list for the route policy.

cisco_asa_pbr_match_clause

Step2bSet Clause
You could leave the settings here as default settings unless you need to change them.

cisco_asa_pbr_set_clause

Step2cBGP Match Clause
If you are using BGP then configure the options as per requirement, else leave the setting as default if you are not using BGP.

cisco_asa_bpr_bgp

Step2dBGP Set Clause
Leave the “Set BGP next hop” unchecked here.

cisco_asa_pbr_bgp_status

Step2ePolicy Based Routing
Scroll down and search for “Set interfaces“. Click the three dots as shown in the red box in the below image and add the interface of the secondary ISP i.e. outside1. Follow the steps shown below in the image.

cisco_asa_pbr_interface_selection

If you have static IP for your internet line then you could define the next hop IP as the gateway of the internet line, but in case you have PPPoE internet connection then you will have to select interface to route the traffic irrespective of the gateway IP of internet line.

Other Important Topics

Knowledge_Check_Cisco_01

1 / 5

What are the two types of packet capture in Cisco ASA?

2 / 5

What is the default buffer size of Cisco ASA PCAP?

3 / 5

How many interfaces in Cisco ASA can have same route map?

4 / 5

Does Cisco ASA supports PPPoE link?

5 / 5

How many 10 Gig ports are available in Cisco 5508-X ASA?

Your score is

The average score is 0%

0%

SourceCisco, Knowledge Base, Internet

EA00154

Leave a Reply

Your email address will not be published. Required fields are marked *