May you have to modify your acl to match the vpn-instance.

Best is to post you relevant configuration. Then we can help.

br

Manuel

HI manuel, thanks ,

here is the config,

this is the VRF

[USSVGCSLUXG01]display ip vpn-instance  instance-name WAN
(...)
  Interfaces : Vlan-interface829,  Vlan-interface880,
                Vlan-interface857

as you see, its asociated with these two VLANS

interface Vlan-interface857
 description Ext-devices
 ip binding vpn-instance WAN
 ip address 10.75.33.66 255.255.255.224


interface Vlan-interface829
 description Transit-WAN
 ip binding vpn-instance WAN
 ip address 10.75.22.53 255.255.255.240

the traffic is comming from a host on the vlan 857, this is the default route

 ip route-static vpn-instance WAN 10.75.64.0 255.255.192.0  10.75.22.55

but i need some host to be directed to the 10.75.22.49, instead of the *.22.55,

so,, here is the pbr i created:

policy-based-route DSTR permit node 10
   if-match acl 3500
   apply ip-address next-hop 10.75.22.49
policy-based-route DSTR permit node 20

the traffic, as i say,, its comming from a device onthe vlan 857, so,, i aply that pbr to that vlan,,

and this is the ACL,

first it only was

acl number 3500 name DSTR
 
 rule 15 permit ip source 172.30.0.0 0.0.255.255 destination 10.75.64.0 0.0.15.255
 rule 20 permit ip source 172.30.0.0 0.0.255.255 destination 10.75.68.60 0
 rule 25 permit ip source 172.30.0.0 0.0.255.255 destination 10.75.67.51 0
 rule 30 permit ip source 172.29.0.0 0.0.255.255 destination 10.75.68.60 0
 rule 35 permit ip source 172.29.0.0 0.0.255.255 destination 10.75.67.51 0

then,, i added the following, since the bpr was not taking any effect

rule 40 permit ip vpn-instance WAN source 172.30.0.0 0.0.255.255 destination 10.75.68.60 0
 rule 45 permit ip vpn-instance WAN source 172.30.0.0 0.0.255.255 destination 10.75.67.51 0
 rule 50 permit ip vpn-instance WAN source 172.29.0.0 0.0.255.255 destination 10.75.68.60 0
 rule 55 permit ip vpn-instance WAN source 172.29.0.0 0.0.255.255 destination 10.75.67.51 0
 rule 60 permit ip source 10.75.47.0 0.0.0.255 destination 10.75.64.0 0.0.15.255
 rule 65 permit ip vpn-instance WAN source 10.75.47.0 0.0.0.255 destination 10.75.64.0 0.0.15.255
 rule 70 permit ip vpn-instance WAN source 10.75.47.2 0

i used before a couple of times ( a PBR) and it worked, but in this case its inside a VRF so,, not sure why its not working

Hi

You're right, all looks fine.

How do you apply the PBR to the vlan?

What is a stream (Source/Destination) you want to redirect?

Have you conntected the HP support?

br

Manuel

hi, yes,, i used this command ip policy-based-route,,,

and no,, i havent contacted the hp support,

also,, the source is a host with the ip address 172.29.128.113, which should be under the acl

And I assume you are using the latest software release? Then I recommand you to call the local HP Support.

Unfortunately I don't have the chance to test it.

br

Manue