Dear all experts,
I'm implementing Aruba controller 7210 however my customer site has 2 ISP links. So by default , gateway will point to ISP router1 and for some SSID will have PBR point to ISP router2. So i must use PBR to force some source ip address to use ISP router2 for internet accessing. However due to PBR must use "ACL stateless" , so i'm not sure does it have any effect with any stateful firewall features or not? And for this example :
(host) (config) #ip access-list stateless st
(host) (config-stateless-st) # any any tcp 10 100 permit nexthop 200.0.0.5
(host) (config-stateless-st) # any any udp 10 100 redirect tunnel 10
(host) (config-stateless-st)# any any udp 10 101 redirect ipsec ipsec1
(host) (config) #interface vlan 100
(host) (vlan 100) #ip access-group in st
(host) (config) #interface vlan 100
(host) (vlan 100) #ip access-group in st
It mean with any source ip address that come from vlan 100, will be redirect to 200.0.0.5 right?
And what is the meaning for the remaining 2 lines:
(host) (config-stateless-st) # any any udp 10 100 redirect tunnel 10
(host) (config-stateless-st)# any any udp 10 101 redirect ipsec ipsec1
Thanks and regards,
#7210