OmniSwitch os6900 Network Configuration Manual page 688

Policy Applications
Policy Based Routing can be used to redirect untrusted traffic to a firewall. In this case, note that reply
packets are not allowed back through the firewall.
In this example, all traffic originating in the 10.3 network is routed through the firewall, regardless of
whether or not a route exists.
-> policy condition Traffic3 source ip 10.3.0.0 mask 255.255.0.0
-> policy action Firewall permanent gateway ip 173.5.1.254
-> policy rule Redirect_All condition Traffic3 action Firewall
Note that the functionality of the firewall is important. In the example, the firewall is sending the traffic to
be routed remotely. If you instead set up a firewall to send the traffic back to the switch to be routed, you
must set up the policy condition with a built-in source port group so that traffic coming back from the
firewall does not get looped and sent back out to the firewall.
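The loop described above can be seen in a small model of the policy match. This is an added illustration, not code or configuration from the manual; the port names 1/1, 1/2 and 2/1, the port group membership and the pass limit are assumptions, and the firewall is assumed to hand every packet back to the switch.

```python
import ipaddress
from dataclasses import dataclass

FIREWALL_PORT = "2/1"   # assumed: switch port facing gateway 173.5.1.254
MAX_PASSES = 8          # stand-in for the packet's TTL


@dataclass(frozen=True)
class Condition:
    source_net: ipaddress.IPv4Network
    source_ports: frozenset = frozenset()  # empty: match on any ingress port

    def matches(self, src_ip: str, ingress_port: str) -> bool:
        if ipaddress.ip_address(src_ip) not in self.source_net:
            return False
        return not self.source_ports or ingress_port in self.source_ports


def forward(cond: Condition, src_ip: str, ingress_port: str):
    """Follow one packet; return (outcome, trips to the firewall)."""
    trips, port = 0, ingress_port
    for _ in range(MAX_PASSES):
        if not cond.matches(src_ip, port):
            return "routed", trips      # no policy match: normal routing
        trips += 1                      # policy action: send to the firewall
        port = FIREWALL_PORT            # firewall hands the packet back
    return "looped", trips


NET = ipaddress.ip_network("10.3.0.0/255.255.0.0")
# Condition Traffic3 as configured on the page: source IP only.
traffic3 = Condition(NET)
# Same condition restricted to a source port group (assumed members).
traffic3_scoped = Condition(NET, frozenset({"1/1", "1/2"}))

if __name__ == "__main__":
    for name, cond in (("source ip only", traffic3),
                       ("with source port group", traffic3_scoped)):
        print(name, forward(cond, "10.3.7.20", "1/1"))
```

With the source-IP-only condition the returning packet matches again on every pass; with the port group it is redirected once and then routed normally.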
For example:
[Figure: Using a Built-In Port Group. Labels: OmniSwitch, Firewall, 10.3.0.0, 173.10.2.0, 173.5.1.0, 174.26.1.0, 173.5.1.254]
[Figure: Routing all IP source traffic through a firewall. Labels: OmniSwitch, Firewall, 10.3.0.0, 173.10.2.0, 173.5.1.0, 174.26.1.0, 173.5.1.254]

OmniSwitch AOS Release 7 Network Configuration Guide, June 2013, Configuring QoS, page 25-80
