I am attempting to create an environment where my current production traffic continues to use the current route to the current firewall but traffic from a specific network to the same destination is directed to a different firewall to head to the internet.
Current static route:
ip route 220.127.116.11 255.255.255.0 10.1.1.1
Instead I want to have the following:
Traffic from 10.2.1.1 destined to 18.104.22.168 needs to go to firewall 10.1.1.50
All other traffic destined to 22.214.171.124 needs to continue to go to firewall 10.1.1.1
Please let me know your suggestions. Thanks in advance.
This configuration will be better:
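interface vlan 102
 ip policy route-map firewall-test
!
! Extended ACLs take wildcard (inverse) masks, not subnet masks
access-list 102 permit ip 10.2.1.0 0.0.0.255 126.96.36.199 0.0.0.255
!
route-map firewall-test permit 10
 match ip address 102
 ! "set ip next-hop" overrides the routing table; the "default" form applies only when no explicit route exists
 set ip next-hop 10.1.1.50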
In short, traffic not matching the src/dst pair from the ACL will take the normal routing table, so please leave your static routes as they are today.
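A small model of the forwarding decision that policy-based routing makes in the setup discussed in this thread, added here as an example and not code from either poster. It shows how an extended ACL's wildcard mask selects traffic and how `set ip next-hop` differs from `set ip default next-hop` when a static route already exists. Assumptions: 203.0.113.0/24 is a constructed stand-in for the internet destination, the function names are hypothetical, and the model ignores which interface the policy is applied to.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """IOS extended-ACL match: bits set in the wildcard are 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

# Constructed values: 203.0.113.0/24 stands in for the internet destination.
ROUTES = {"203.0.113.0/24": "10.1.1.1"}   # the existing static route
ACL = ("10.2.1.0", "0.0.0.255", "203.0.113.0", "0.0.0.255")
PBR_HOP = "10.1.1.50"                     # the second firewall

def rib_lookup(dst, routes=ROUTES):
    """Longest-prefix match; returns (next_hop, prefix_len) or None."""
    best = None
    d = ipaddress.IPv4Address(dst)
    for prefix, hop in routes.items():
        net = ipaddress.ip_network(prefix)
        if d in net and (best is None or net.prefixlen > best[1]):
            best = (hop, net.prefixlen)
    return best

def next_hop(src, dst, acl=ACL, default_keyword=False, routes=ROUTES):
    """Next hop chosen for a packet arriving on the policy-routed interface."""
    src_base, src_wc, dst_base, dst_wc = acl
    matched = (wildcard_match(src, src_base, src_wc)
               and wildcard_match(dst, dst_base, dst_wc))
    route = rib_lookup(dst, routes)
    if matched:
        # 'set ip default next-hop' defers to any explicit (non-default) route.
        explicit = route is not None and route[1] > 0
        if not (default_keyword and explicit):
            return PBR_HOP
    return route[0] if route else None

# A subnet mask written where a wildcard belongs matches the wrong hosts.
MASK_AS_WILDCARD = ("10.2.1.0", "255.255.255.0", "203.0.113.0", "255.255.255.0")
```

With `MASK_AS_WILDCARD` the test host 10.2.1.1 is no longer selected, while unrelated addresses whose last octet is 0 are, which is why the mask form in the ACL matters for keeping production traffic on its current firewall.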