Configure the Router for VRRP with PBR and VLANs

Specify the behaviour of the router interfaces connecting to the switch, the LAN, and the WAN.

Launch the router command line interface.

To enter privileged EXEC (enable) mode, at the prompt type the following command:

hostname > enable

The hostname # prompt is displayed.
To enter configuration (config) mode, at the prompt type the following commands:

hostname # configure terminal

The hostname (config)# prompt is displayed.

Configure the interface parameters for the switch installed between the router and the out-of-path Exinda appliances (Gig0/0).
1. Specify the interface to configure.
  
  hostname (config)# interface GigabitEthernet0/0
2. Set a description for what the router interface is connecting to.
  
  hostname (config-if)# description Connected to Exinda Group
3. Specify that there is no IP address for the interface.
  
  hostname (config-if)# no ip address
4. Set the duplex and speed parameters for the interface.
  
  hostname (config-if)# duplex auto
  
  hostname (config-if)# speed auto
5. Configure the parameters for the VLAN 10 interface (Gig0/0.10).
  1. Specify the interface to configure.
    
    hostname (config)# interface GigabitEthernet0/0.10
  2. Set the router interface to route between VLANs for the switch.
    
    hostname (config-if)# encapsulation dot1Q 10
  3. Set the IP address and netmask of the VLAN 10 interface.
    
    hostname (config-if)# ip address 10.10.10.1 255.255.255.0
6. Configure the parameters for the VLAN 20 interface (Gig0/0.20).
  1. Specify the interface to configure.
    
    hostname (config)# interface GigabitEthernet0/0.20
  2. Set the router interface to route between VLANs for the switch.
    
    hostname (config-if)# encapsulation dot1Q 20
  3. Set the IP address and netmask of the VLAN 20 interface.
    
    hostname (config-if)# ip address 10.10.20.1 255.255.255.0
Configure the parameters for the WAN interface (Gig0/1).
1. Specify the interface to configure.
  
  hostname (config)# interface GigabitEthernet0/1
2. Set a description for what the router interface is connecting to.
  
  hostname (config-if)# description Connected to WAN
3. Specify that there is no IP address for the interface.
  
  hostname (config-if)# no ip address
4. Set the duplex and speed parameters for the interface.
  
  hostname (config-if)# duplex auto
  
  hostname (config-if)# speed auto
5. Configure the parameters for the VLAN 10 interface (Gig0/1.10).
  1. Specify the interface to configure.
    
    hostname (config)# interface GigabitEthernet0/1.10
  2. Set the router interface to route between VLANs for the switch.
    
    hostname (config-if)# encapsulation dot1Q 10
  3. Set the route map for policy routing with the name EXOOP1toEXIN.
    
    hostname (config-if)# ip policy route-map EXOOP1toEXIN
6. Configure the parameters for the VLAN 20 interface (Gig0/1.20).
  1. Specify the interface to configure.
    
    hostname (config)# interface GigabitEthernet0/1.20
  2. Set the router interface to route between VLANs for the switch.
    
    hostname (config-if)# encapsulation dot1Q 20
  3. Set the IP address and netmask of the LAN interface.
    
    hostname (config-if)# ip address 10.10.40.1 255.255.255.0
  4. Set the route map for policy routing with the name LANtoEXOOP2.
    
    hostname (config-if)# ip policy route-map LANtoEXOOP2
Configure the parameters for the LAN interface (Fa0/1.10).
1. Specify the interface to configure.
  
  hostname (config)# interface FastEthernet0/1.10
2. Set a description for what the router interface is connecting to.
  
  hostname (config-if)# description Connected to EX-IN
3. Set the router interface to route between VLANs for the switch.
  
  hostname (config-if)# encapsulation dot1Q 10
4. Set the IP address and netmask of the LAN interface.
  
  hostname (config-if)# ip address 172.16.10.0 255.255.255.0
5. Set the route map for policy routing with the name EXINtoEXOOP1.
  
  hostname (config-if)# ip policy route-map EXINtoEXOOP1
Configure the parameters for the LAN interface (Fa0/1.20).
1. Specify the interface to configure.
  
  hostname (config)# interface FastEthernet0/1.20
2. Set a description for what the router interface is connecting to.
  
  hostname (config-if)# description Connected to EX-IN
3. Set the router interface to route between VLANs for the switch.
  
  hostname (config-if)# encapsulation dot1Q 20
4. Set the IP address and netmask of the LAN interface.
  
  hostname (config-if)# ip address 172.16.20.0 255.255.255.0
5. Set the route map for policy routing with the name EXINtoEXOOP2.
  
  hostname (config-if)# ip policy route-map EXINtoEXOOP2
Create the following access lists to allows devices in the specified IP address range to access the network.

hostname (config)# access-list 100 permit ip 10.10.30.0 0.0.0.255 172.16.10.0 0.0.0.255

hostname (config)# access-list 101 permit ip 172.16.10.0 0.0.0.255 10.10.30.0 0.0.0.255

hostname (config)# access-list 102 permit ip 10.10.40.0 0.0.0.255 172.16.20.0 0.0.0.255

hostname (config)# access-list 103 permit ip 172.16.20.0 0.0.0.255 10.10.40.0 0.0.0.255
Configure the following route maps to allow access to the routes specified in the access lists, and route the traffic to the router.

route-map Asym permit 10

match ip address 100

set ip next-hop 10.10.10.100

!

route-map EXOOP1toEXIN permit 10

match ip address 100

set ip next-hop 10.10.10.100

!

route-map EXOOP2toEXIN permit 10

match ip address 102

set ip next-hop 10.10.20.100

!

route-map EXINtoEXOOP1 permit 10

match ip address 101

set ip next-hop 10.10.10.100

!

route-map EXINtoEXOOP2 permit 10

match ip address 103

set ip next-hop 10.10.20.100