access list for vlan browsing internet

Unanswered Question
Apr 16th, 2007

I have a scenario where i want to a certain vlan to browse the web through our seconfary firewall, i know thsi can be done by an access list, or policy based routing but sure of the syntax

any help would be appreciated

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mahmoodmkl Mon, 04/16/2007 - 03:37


What do u mean by secondry firewall.i assume u r saying the standby firewall,if its then u can route the traffic through this firewall becoz the standby firewall will not pass any traffic until the active firewall is in operation.



mburguk1000 Mon, 04/16/2007 - 03:55

I dont think first time i was very clear, I just want to allow the second vlan to use a different firewall and isp, i think i might have made the issue confused when I stated using a second firewall

currently i want to route web traffic from a separate vlan to use a different route for web browsing

mahmoodmkl Mon, 04/16/2007 - 11:04


Well u can do this by implementing PBR.

It will be better if u can explain the current design.



mburguk1000 Mon, 04/16/2007 - 22:51

The design I have is,

I have created 3 Vlans

Default gateway is a 4507 switch which is doing routing, Most of hosts are on Vlan 1 and usea default route to a checkpoint Nokio which interface is on vlan 1

I have a secondary firewall where i want to route a certain vlan traffic, but I want to implement PBR to allow web access through this secondary firewall

Hope this helps


This Discussion