I have a scenario (diagram attached) where different external vendors will be coming in and accessing our database via a secured MPLS network. We will be using EIGRP between our head end and the remote vendor sites' routers with the same autonomous number.
Because of a business requirement, some vendors are allowed to access other vendors' sites via our VPN cloud, and the end-to-end logical path should be strictly via the firewall. Because EIGRP can route traffic between remote sites, we need to avoid that and push all the router's ingress traffic towards the firewall. Then the firewall will decide whether to forward the traffic back to the remote site or drop it.
If there is no switch in the middle between the firewall and the router, I can use policy-based routing to push all the remote traffic towards the firewall's IP. But I am lost now.
Can someone suggest how to proceed with this? I have attached a diagram.
There are a number of ways to approach this, but the easiest would be to use the recursive next hop with PBR. So on the 3845, just set the next hop to be the firewall, and as long as the 3845 has a route to the firewall you should be fine. See attached link for details -
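A sketch of the recursive next-hop PBR approach described in the reply above, added here as an illustration and not taken from the original thread. The prefixes, the firewall address, the interface name and the ACL and route-map names are all assumptions.

```cisco
! Added example. All addresses and names below are assumed:
!   10.50.0.0/16   vendor site prefixes arriving over the MPLS cloud
!   192.168.100.2  firewall inside address, reached through the switch
!                  (not directly connected, hence "recursive")
!
ip access-list extended VENDOR-INGRESS
 permit ip 10.50.0.0 0.0.255.255 any
!
route-map VENDOR-TO-FW permit 10
 match ip address VENDOR-INGRESS
 ! Resolve the firewall address through the routing table instead of
 ! requiring it to sit on a directly connected subnet.
 set ip next-hop recursive 192.168.100.2
!
! Apply the policy only on the interface where vendor traffic enters.
! Traffic coming back from the firewall arrives on a different interface
! and is routed normally, so it does not loop back to the firewall.
interface GigabitEthernet0/1
 description MPLS-facing link toward vendor sites (assumed name)
 ip policy route-map VENDOR-TO-FW
!
! If the route to 192.168.100.2 disappears, matched packets fall back to
! ordinary destination-based routing, and the EIGRP-learned vendor routes
! would then carry site-to-site traffic around the firewall. Track or
! alert on that route if firewall inspection is mandatory.
!
! Verification:
!   show route-map VENDOR-TO-FW
!   show ip policy
```

The match counters in `show route-map` should increase when one vendor site sends traffic to another; if they do not, the traffic is following the EIGRP routes instead of the policy.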