Cisco 7604 Configuration Manual page 176
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Configuring Route Health Injection
To inject connected routes, enter the following command:
Step 4
hostname(config-route-inject)# redistribute connected [route-map map_name |
access-list acl_id] interface interface_name
where the interface interface_name argument specifies the FWSM interface; this interface IP address is
used as the next-hop IP address in the routes that are injected.
By default, all connected routes are injected.
If you want to limit the routes injected, you can specify the route-map or access-list argument; only
matching addresses are injected.
You can enter only one redistribute connected command.
To inject static routes, enter the following command:
Step 5
hostname(config-route-inject)# redistribute static [route-map map_name |
access-list acl_id] interface interface_name
where the interface interface_name argument specifies the FWSM interface; this interface IP address is
used as the next-hop IP address in the routes that are injected.
By default, all static routes are injected.
If you want to limit the routes injected, you can specify the route-map or access-list argument; only
matching addresses are injected.
You can enter only one redistribute static command.
The following example injects NAT addresses that match access list acl1; 209.165.201.0/30 is injected
with a nexthop of 209.165.200.225 (the active IP address of the outside interface) on VLAN 20. The
209.165.201.10 through .16 addresses are not injected.
hostname(config)# interface vlan20
hostname(config-if)# nameif outside
hostname(config-if)# ip address 209.165.200.225 255.255.255.224 standby 209.165.200.226
hostname(config-if)# exit
hostname(config)# access-list acl1 standard permit 209.165.201.0 255.255.255.252
hostname(config)# global (outside) 10 209.165.201.1-209.165.201.2 netmask 255.255.255.0
hostname(config)# global (outside) 10 209.165.201.10-209.165.201.16 netmask 255.255.255.0
hostname(config)# route-inject
hostname(config-route-inject)# redistribute nat access-list acl1 interface outside
The following example injects 209.165.202.129 through .131 and 209.165.202.140 through .146 with a
nexthop 209.165.200.250 on VLAN 20. The global pools on the dmz interface, and the global pool 20
on the outside interface are not included.
hostname(config)# interface vlan20
hostname(config-if)# nameif outside
hostname(config-if)# ip address 209.165.200.250 255.255.255.224 standby 209.165.200.251
hostname(config-if)# exit
hostname(config)# global (dmz) 10 209.165.201.1-209.165.201.10 netmask 255.255.255.0
hostname(config)# global (outside) 10 209.165.202.129-209.165.202.131 netmask
255.255.255.0
hostname(config)# global (outside) 10 209.165.202.140-209.165.202.146 netmask
255.255.255.0
hostname(config)# global (outside) 20 209.165.202.150-209.165.202.155 netmask
255.255.255.0
hostname(config)# route-inject
hostname(config-route-inject)# redistribute nat global-pool 10 interface outside
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
8-34
Chapter 8
Configuring IP Routing and DHCP Services
OL-20748-01
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
