
I need one device to have a specific ip default route to another firewall

Arison_Mercado
New Contributor II
Hi, I have a remote site that connects through our hub via LAN, and they have their own independent firewall connection for internet. They communicate with a few devices on our network and everything else is blocked via access-list, but they need to have a server on our LAN. Now I need to move their server and host it on our network 172.16.x.x, but they need it to use their firewall for internet access. The only thing I can think of is to create an access-list on our firewall uplink to allow everything but their server, and add the server to the access-list that connects to their LAN, in addition to adding another IP default route inside my hub. That’s the only thing I can think of at the moment. Does anyone have a better solution?

19 REPLIES 19

McClane
Extreme Employee
So it should be:

config access-list PBR vlan Servers ingress

Arison_Mercado
New Contributor II
Let's just say it's 172.16.10.0/24 and it's called "SERVERS", and the customer's network is 192.168.0.0/24.

McClane
Extreme Employee
Just to confirm, what is the subnet for your server 172.16.10.10? And what is the name of that VLAN?

Arison_Mercado
New Contributor II
I'm a bit confused, because I have an ingress rule on the link between the customer and me. I understand the entry you supplied me with, but I don't know where I should enter it. In the ingress rule between the site, or create an egress rule between my hub and firewall and add that entry so that it redirects over the LAN link? Sorry, I come from a Cisco background.

McClane
Extreme Employee
It could be applied to the VLAN of the default gateway...