access list for vlan browsing internet

mburguk1000 · ‎04-16-2007

I have a scenario where i want to a certain vlan to browse the web through our seconfary firewall, i know thsi can be done by an access list, or policy based routing but sure of the syntax

any help would be appreciated

mahmoodmkl · ‎04-16-2007

Hi

What do u mean by secondry firewall.i assume u r saying the standby firewall,if its then u can route the traffic through this firewall becoz the standby firewall will not pass any traffic until the active firewall is in operation.

Thanks

Mahmood

mburguk1000 · ‎04-16-2007

I dont think first time i was very clear, I just want to allow the second vlan to use a different firewall and isp, i think i might have made the issue confused when I stated using a second firewall

currently i want to route web traffic from a separate vlan to use a different route for web browsing

mahmoodmkl · ‎04-16-2007

Hi

Well u can do this by implementing PBR.

It will be better if u can explain the current design.

Thanks

Mahmood

mburguk1000 · ‎04-16-2007

The design I have is,

I have created 3 Vlans

Default gateway is a 4507 switch which is doing routing, Most of hosts are on Vlan 1 and usea default route to a checkpoint Nokio which interface is on vlan 1

I have a secondary firewall where i want to route a certain vlan traffic, but I want to implement PBR to allow web access through this secondary firewall

Hope this helps