Avaya Support Forums  

Go Back   Avaya Support Forums > Avaya Networking Products

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 01-13-2016, 09:49 AM
robbinsp robbinsp is offline
Aspiring Member
 
Join Date: Jan 2016
Posts: 2
robbinsp has 10 reputation points
Default static default route for specific IP vlan

Is it possible to create a default route on a 8600 but with a specific source IP range ?

e.g customer wants to forward all internet based traffic but only from vlan 10 to its firewall ?

its a voice only vlan at present but they are installing additional wireless IP phones which have internet capability - they don't have any any other default routes configured but want to make sure that only internet traffic from that vlan only and none of the others is sent to the next hop of the FW.

therefore IF dest add = 0.0.0.0 and source add = 10.10.10.0 THEN Forward to 20.20.20.x

i have had a look and think it might be able to be done from a route policy but not sure how i would go about it

any ideas ?
Reply With Quote
  #2  
Old 01-20-2016, 11:22 AM
tgruber tgruber is offline
Hot Shot
 
Join Date: Jul 2014
Posts: 22
tgruber has 14 reputation pointstgruber has 14 reputation points
Default

Hi there,

yes, that should be possible. Also your approach to go via policies is correct... I had to convert the following example from specific dst-routing... but it may work.
Also maybe i am overshooting and it may be possible more simply, but thats what i have.

Furthermore please note, that this will not work with SPBm because of several reasons...

First create a ACT that you tell to match on Source IPs:
Code:
filter act 1 create name "Source based routing"
filter act 1 ip srcIp
filter act 1 apply
Then create a ACL which acts on VLAN Incoming traffic and refers to the previous ACT. You also have to add this ACL to the VLANs for which you want to match the traffic.
Code:
filter acl 1 create inVlan act 1
filter acl 1 vlan add 1,2,3,4,5
Finally create a ACE(s) to match the Source Network/IPs
Code:
filter acl 1 ace 1 create name "Range 1"
filter acl 1 ace 1 action permit redirect-next-hop 192.168.0.1
filter acl 1 ace 1 ip src-ip eq 192.168.5.0-192.168.5.255
filter acl 1 ace 1 enable
filter acl 1 ace 2 create name "Range 2"
filter acl 1 ace 2 action permit redirect-next-hop 192.168.0.1
filter acl 1 ace 2 ip src-ip eq 192.168.6.0-192.168.6.255
filter acl 1 ace 2 enable
Reply With Quote
  #3  
Old 09-09-2016, 04:00 AM
vene vene is offline
Member
 
Join Date: Dec 2012
Posts: 3
vene has 10 reputation points
Default

A much simpler approach would be to use the firewall to permit/deny the traffic.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -7. The time now is 03:05 AM.

This Forum is provided solely for the use and convenience of Avaya customers and partners. Use of the Forum is subject to the Terms and Use and Privacy Statement found at www.avaya.com. No other use is permitted. The Forum including all content posted is “AS IS” and Avaya expressly disclaims all warranties and/or guarantees as to its accuracy, reliability, usefulness, quality or non-infringement of intellectual property. Avaya reserves the right to remove any content posted on the Forum at any time and for whatever reason.

Avaya will not be liable for any content posted on this Forum, including, without limitation, any errors or omissions or for any losses or damages of any kind incurred as a result of use or reliance on any content, regardless of its origin.

You expressly understand and agree that you assume all risks associated with use or reliance on this content.