Wednesday, September 1, 2010

Policy Based Routing Example on Juniper Netscreen/SSG

set vrouter trust-vr
set access-list extended 100 src-ip 10.1.1.7/24 dst-ip 10.2.2.2/32 dest-port 22-22 protocol tcp entry 1 
set access-list extended 100 src-ip 10.1.1.7/24 dst-ip 10.2.2.2/32 dest-port 443-443 protocol tcp entry 2


set match-group name PBR_GROUP
set match-group PRB_ROUTE ext-acl 10 match-entry 1 
set match-group PRB_ROUTE ext-acl 10 match-entry 2 


set action-group name Action_PBR_ROUTE
set action-group Action_PBR_ROUTE next-hop 10.1.2.7 action-entry 1 
set action-group Action_PBR_ROUTE next-interface ethernet2 action-entry 2
set pbr policy Redirect_PBR_ROUTE match-group PBR_GROUP action-group Action_PBR_ROUTE 1 exit
set interface ethernet4 pbr Redirect_PBR_GROUP set vrouter trust-vr pbr Redirect_PBR_ROUTE

Posted by Blogger at 8:24 PM
Labels:

1 comment:

  1. UnknownFebruary 11, 2013 at 2:17 AM

    มีรูป Config ที่ทำ Command ด้านบนไมครับ มองภาพไม่ออกอ่าครับ
    ขอบคุณล่วงหน้าครับพี่

    ReplyDelete

Subscribe to: Post Comments (Atom)