Skip to main content

Manage a policy-based route

Overview

A policy-based route forwards traffic based on source and destination IP addresses. This topic describes how to create, advertise, modify, and delete a policy-based route.

Prerequisites

An IPsec-VPN connection is created.

Procedure

  • Add a policy-based route
  1. On the VPN Gateways page, click the VPN gateway ID/Name. fg-dc-vpn-3.1.3-1
  2. On the Policy routing table tab, click the Add route entry button. fg-dc-vpn-3.1.3-2
  3. On the Add Route Entry section, configure the parameters.
Parameter Description
Destination CIDR Block Enter the private CIDR block that you want to access. Source CIDR Block
Source CIDR Block Enter the private CIDR block of the VPC.
Destination CIDR Block Enter the private CIDR block that you want to access. Source CIDR Block
Next Hop Type Select IPsec Connection.
Next Hop Select the IPsec-VPN connection for which you want to create a policy-based route.
Publish to VPC Specify whether to advertise the route to the virtual private cloud (VPC) route table.
· Yes: automatically advertises the route to the route table of the VPC. We recommend that you select this value.
· No : does not advertise the policy-based route to the VPC route table.
Note If you select No , you must manually advertise the route to the VPC route table.
Weight Select a weight. Valid values:
· 100 (default): specifies a high priority for the route.
· 0 : specifies a low priority for the route.
Note If a route table contains multiple policy-based routes that have the same source CIDR block, destination CIDR block, and weight, a policy-based route is randomly selected to forward traffic.
  1. On the Add Route Entry section, click the OK button. fg-dc-vpn-3.1.3-3
  2. Once the Route Entry is successfully added, its status has been updated as shown. fg-dc-vpn-3.1.3-4

​ Advertise a destination-based route

  1. On the Policy routing table tab, click the Publish button. fg-dc-vpn-3.1.3-5
  2. On the pop-up message, click the OK button. fg-dc-vpn-3.1.3-6
  3. Once the Route is successfully published, its status has been updated as shown. fg-dc-vpn-3.1.3-7

​ Modify a destination-based route

  1. On the Policy routing table tab, click the Edit button. fg-dc-vpn-3.1.3-8
  2. On the Modify section, specify a new weight for the route.
  3. On the Modify section, click the OK button. fg-dc-vpn-3.1.3-9

​ Delete a destination-based route

  1. On the Policy routing table tab, click the Delete button. fg-dc-vpn-3.1.3-10
  2. On the pop-up message, click the OK button. fg-dc-vpn-3.1.3-11