depending on your layer 3 topology it might be enough to just place a static route on the N3048
for the subnet beloning to the VLAN which should migrate pointing to the new firewall.
You may test this with a non-production subnet and don't forget the return routes.
Policy based routing normally makes more sense if you want to pick specific traffic flows via ACL match to route them to alternate paths or to do something else with them.
I need to ensure that *only* the specified VLAN should be routed to the new firewall. This is a test VLAN. All production traffic will still route to the existing firewall. Would it still work in the way you suggested?
DELL-Tim G
3 Apprentice
•
73 Posts
0
January 14th, 2021 06:00
The approach works as long as each of your VLANs has a separate IP subnet associated.
A good example of the concept can be found here.
Tim
DELL-Tim G
3 Apprentice
•
73 Posts
0
January 13th, 2021 09:00
Hi,
depending on your layer 3 topology it might be enough to just place a static route on the N3048
for the subnet beloning to the VLAN which should migrate pointing to the new firewall.
You may test this with a non-production subnet and don't forget the return routes.
Policy based routing normally makes more sense if you want to pick specific traffic flows via ACL match to route them to alternate paths or to do something else with them.
Regards,
Tim
abevelacqua-orangetown.com
2 Posts
0
January 13th, 2021 10:00
I need to ensure that *only* the specified VLAN should be routed to the new firewall. This is a test VLAN. All production traffic will still route to the existing firewall. Would it still work in the way you suggested?