How to configure Policy Based Routing

Hi Alfredo,

The interfaces on a router are “routed ports”; each interface requires an IP address in a unique subnet. 172.16.254.3/30 is in the same subnet as your first interface, and it’s also a broadcast address. You’ll have to use a larger subnet; /30 only offers you two IP addresses. A /29 would work.

Somehow you need to add the interfaces of the two firewalls and the router in a single broadcast domain. You can’t turn the routed ports into switchports, so a switch module is not a bad idea… or create a VLAN on a switch and connect the firewall + router interfaces to it.

Technically you might be able to bridge the two router interfaces and use a BVI interface, but that’s not something I would recommend:

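! enable integrated routing and bridging
bridge irb
bridge 1 protocol ieee
! route IP for bridge group 1 so the BVI acts as the routed interface
bridge 1 route ip

int gi0/1
 bridge-group 1

int gi0/2
 bridge-group 1

interface bvi 1
 ip address 172.16.254.1 255.255.255.248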

This bridges the two gigabit interfaces together; the BVI interface is the “routed” port.

Hope this helps…

Rene

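The addressing point in the reply above, as an added Python example (not part of Rene's post): it flags a routed-port plan where an address is a subnet's network or broadcast address or where two ports share a subnet, and finds the longest prefix that fits a given number of hosts. The gi0/1 address in the sample plan is an assumption, since the thread does not state it.

```python
import ipaddress

def check_routed_ports(ports):
    """ports maps interface name -> 'ip/prefix'; returns a list of problems."""
    parsed = {name: ipaddress.ip_interface(addr) for name, addr in ports.items()}
    problems = []
    for name, iface in parsed.items():
        net = iface.network
        if net.prefixlen < 31:  # /31 and /32 have no network/broadcast address
            if iface.ip == net.network_address:
                problems.append(f"{name}: {iface.ip} is the network address of {net}")
            elif iface.ip == net.broadcast_address:
                problems.append(f"{name}: {iface.ip} is the broadcast address of {net}")
    names = sorted(parsed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            # Each routed port needs its own subnet, so any overlap is an error.
            if parsed[a].network.overlaps(parsed[b].network):
                problems.append(
                    f"{a} and {b}: {parsed[a].network} overlaps {parsed[b].network}")
    return problems

def smallest_prefix_for(hosts):
    """Longest IPv4 prefix whose subnet still has `hosts` usable addresses."""
    for prefixlen in range(30, 0, -1):
        if 2 ** (32 - prefixlen) - 2 >= hosts:
            return prefixlen
    raise ValueError("no IPv4 prefix fits that many hosts")

# Constructed sample plans. gi0/1's address is assumed for illustration.
PLAN_TWO_ROUTED_PORTS = {"gi0/1": "172.16.254.1/30", "gi0/2": "172.16.254.3/30"}
# One routed interface (the BVI) in a /29 shared with the two firewalls.
PLAN_SINGLE_BVI = {"bvi1": "172.16.254.1/29"}

if __name__ == "__main__":
    for label, plan in (("two routed ports", PLAN_TWO_ROUTED_PORTS),
                        ("single BVI", PLAN_SINGLE_BVI)):
        issues = check_routed_ports(plan)
        print(label, "->", issues if issues else "no problems")
    # Router plus two firewalls need three usable addresses.
    print("prefix for 3 hosts: /%d" % smallest_prefix_for(3))
```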