Cisco 9300 routing question

raichu059
Level 1

My Cisco is a little rusty, as recently I've just been working with Ubiquiti, Meraki and Aruba.

I'm trying to get a route set up in a certain way and I cannot for the life of me remember how to do this and wanted to ask if anyone else knows how I could possibly accomplish what I'm trying to do.

I'm using a Cisco 9300 as a core switch going into a Palo Alto firewall.

I have two interfaces on my Palo: interface 2 and interface 3.

Interface 2 I'm trying to use as my internal Network 10.40.x.x

Interface 3 I'm trying to use for two guest networks 192.168.1.x and 10.40.99.x

I did not originally set this up; I'm just trying to get this guest network configuration working.

Palo interface 2: Palo interface IP 172.16.3.3, routes to 172.16.3.1 (Vlan 3 interface of the core switch). All used 10.40.x.x addresses are set to route to interface 2 with a next hop of 172.16.3.1.

Palo interface 3: Palo interface IP 192.168.1.1, routes to 192.168.1.254 (Vlan 99 of the core switch). 192.168.1.x and 10.40.99.x are set to route to interface 3 with a next hop of 192.168.1.254.

Core switch:

Vlan 3: ip address 172.16.3.1 255.255.255.0
Vlan 99: ip address 192.168.1.254 255.255.255.0
Vlan 399: ip address 10.40.99.0 255.255.255.0

interface GigabitEthernet1/0/32 (connects to Palo interface 2)
 switchport access vlan 3
 switchport mode access

interface GigabitEthernet1/0/33 (connects to Palo interface 3)
 switchport access vlan 99
 switchport mode access

ip default-gateway 172.16.10.1
ip route 0.0.0.0 0.0.0.0 172.16.3.3

What we want to do is have both Vlan 99 and Vlan 399 route out to Palo interface 3 (192.168.1.1) from core switch interface 1/0/33, while all other traffic goes out interface 1/0/32 to Palo interface 2.

I believe I have to do policy based routing but I cannot for the life of me remember how to do that properly.

The Palo is set correctly, as I can ping out to the internet from its 192.168.1.1 interface; I just need to get traffic routed properly from the core switch to that interface.

1 Reply

No need for PBR.

You need to make the FW the GW for the hosts; this makes the traffic bridge in your 9300 switch rather than route (i.e. no inter-VLAN routing in the SW).
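To see why the reply matters for guest isolation, here is an added route-lookup walkthrough (my own example, not from the thread). It models the core and the Palo as longest-prefix-match tables built from the addresses in the post; the internal VLAN 10.40.1.0/24 on the core and the Palo's "INTERNET" default are assumptions. With guest SVIs on the core, a guest-to-internal packet is routed by the switch alone and the firewall never sees it; with the Palo as the guest gateway, every guest packet passes through the firewall first.

```python
import ipaddress

# Constructed routing tables from the addressing in the post. Each entry is
# (prefix, next_hop); next_hop None means directly connected (routed locally).
# The internal VLAN 10.40.1.0/24 is an assumption (the post only says 10.40.x.x).
CORE_BEFORE = [  # guest SVIs (Vlan 99, Vlan 399) live on the core switch
    ("172.16.3.0/24", None), ("10.40.1.0/24", None),
    ("192.168.1.0/24", None), ("10.40.99.0/24", None),
    ("0.0.0.0/0", "172.16.3.3"),
]
CORE_AFTER = [  # guest SVIs removed: the core only bridges guest VLANs to the Palo
    ("172.16.3.0/24", None), ("10.40.1.0/24", None),
    ("0.0.0.0/0", "172.16.3.3"),
]
PALO = [  # interface 2 = 172.16.3.3, interface 3 = 192.168.1.1; upstream assumed
    ("172.16.3.0/24", None), ("192.168.1.0/24", None),
    ("10.40.0.0/16", "172.16.3.1"), ("0.0.0.0/0", "INTERNET"),
]

def devices(core_routes):
    """Topology: which addresses each box owns, so a next hop maps to a device."""
    return {"core": {"routes": core_routes, "addrs": {"172.16.3.1", "192.168.1.254"}},
            "palo": {"routes": PALO, "addrs": {"172.16.3.3", "192.168.1.1"}}}

def lookup(routes, dst):
    """Longest-prefix match; returns the next hop, or None if directly connected."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, nh in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, nh)
    return best[1] if best else "UNREACHABLE"

def trace(topology, gateway_device, dst, max_hops=4):
    """Follow a guest packet from the host's gateway hop by hop. Returns the list of
    devices that routed it and the final outcome; 'palo' must appear in the path
    for firewall policy to apply to the flow."""
    path, dev = [], gateway_device
    for _ in range(max_hops):
        path.append(dev)
        nh = lookup(topology[dev]["routes"], dst)
        if nh is None or nh in ("INTERNET", "UNREACHABLE"):
            return path, nh
        dev = next(d for d, info in topology.items() if nh in info["addrs"])
    return path, "LOOP"
```

Run `trace(devices(CORE_BEFORE), "core", "10.40.1.10")` versus `trace(devices(CORE_AFTER), "palo", "10.40.1.10")` to compare the two designs: the first returns only `["core"]`, the second `["palo", "core"]`.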