Configuring QoS Policy Applications
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 26-80
In this example, all traffic originating in the 10.3 network is routed through the firewall, regardless of
whether or not a route exists.
-> policy condition Traffic3 source ip 10.3.0.0 mask 255.255.0.0
-> policy action Firewall permanent gateway ip 173.5.1.254
-> policy rule Redirect_All condition Traffic3 action Firewall
Note that the functionality of the firewall is important. In the example, the firewall is sending the traffic to
be routed remotely. If you instead set up a firewall to send the traffic back to the switch to be routed, you
must set up the policy condition with a built-in source port group so that traffic coming back from the
firewall does not get looped and sent back out to the firewall.
For example:
In this scenario, traffic from the firewall is sent back to the switch to be re-routed. But because the traffic
re-enters the switch through a port that is not in the Slot01 port group, the traffic does not match the
Redirect_All policy and is routed normally through the switch.
OmniSwitch
Routing all IP source traffic through a firewall
10.3.0.0
173.5.1.0
173.10.2.0
174.26.1.0
Firewall
173.5.1.254
OmniSwitch
Using a Built-In Port Group
10.3.0.0
173.5.1.0
173.10.2.0
174.26.1.0
Firewall
173.5.1.254
To Next Page
Loading...
