Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
801
Views
0
Helpful
2
Replies

PBR on vlan interface

SirEna
Level 1
Level 1

‎05-26-2015 10:22 PM - edited ‎03-08-2019 12:11 AM

hi all,

 

i have this diagram in attachment. the core sw is doing pbr for both users in vlan 100 and vlan 200 and set the ip next hop to firewalls' int 1.

is it normal for the laptop 1 with ip address in vlan 100 to ping interface vlan 200? if yes, then the pbr does not  take precedence if the destination traffic is local on the core sw? 

 

thanks

 

                                                            

Labels:
net_diagram.jpg
Preview file
24 KB
0 Helpful
2 Replies 2

vivek srivastava
Level 7
Level 7

‎05-26-2015 10:55 PM

If your laptop default GW is core switch vlan 100 IP address, then its normal, provided you core switch is configred for "ip routing"

If you want to filter in-between vlan100 and vlan 200 via FW, then you need to create the SVI of vlan 100 and vlan 200 on FW and give its IP as the GW for laptops.

0 Helpful

rosaho
Level 3
Level 3

‎07-02-2015 10:17 AM

Posts in this discussion have been modified due to possible misconduct. Please refer to the CSC terms of use for more details. 

0 Helpful
Top