Tag Archives: Policy Based Forwarding

Cisco ASA PBR - featured image

Policy Based Routing on a Cisco ASA

Cisco ASA 9.4 (and later) is now supporting Policy Based Routing. Yeah. Great news, since many customers are requesting something like “HTTP traffic to the left – VoIP traffic to the right”. Coming with a new Cisco ASA 5506-X I was happy to try the policy based routing feature.

The configuration steps through the ASDM GUI are not easy and full of errors, so I try to give some hints within this blog post.

Continue reading Policy Based Routing on a Cisco ASA

Palo Alto PBF w different VRs featured image

Policy Based Forwarding on a Palo Alto with different Virtual Routers

This guide is a little bit different to my other Policy Based Forwarding blog post because it uses different virtual routers for both ISP connections. This is quite common to have a distinct default route for both providers. So, in order to route certain traffic, e.g., http/https, to another ISP connection, policy based forwarding is used.

Continue reading Policy Based Forwarding on a Palo Alto with different Virtual Routers

ScreenOS PBF with VRs featured image

Policy-Based Routing on ScreenOS with different Virtual Routers

I already puslished a blog post concerning policy-based routing on a Juniper firewall within the same virtual router (VR). For some reasons, I was not able to configure PBR correctly when using multiple VRs. Now it works. 😉 So, here are the required steps:

Continue reading Policy-Based Routing on ScreenOS with different Virtual Routers

FortiGate Policy Route featured image

Policy Routing on a FortiGate Firewall

This is a small example on how to configure policy routes (also known as policy-based forwarding or policy-based routing) on a Fortinet firewall, which is really simple at all. Only one single configuration page and you’re done. 😉

Continue reading Policy Routing on a FortiGate Firewall

SSG PBR

Policy-Based Routing (PBR) on a Juniper ScreenOS Firewall

Here comes an example on how to configure policy-based routing (PBR) on a Juniper ScreenOS firewall. The requirement at the customers site was to forward all http and https connections through a cheap but fast DSL Internet connection while the business relevant applications (mail, VoIP, ftp, …) should rely on the reliable ISP connection with static IPv4 addresses. I am showing the five relevant menus to configure PBR on the ScreenOS GUI.

[UPDATE] I later on wrote an article with policy-based routing with two different virtual routers. See it here.[/UPDATE]

Continue reading Policy-Based Routing (PBR) on a Juniper ScreenOS Firewall

PA PBF

Policy Based Forwarding (PBF) on a Palo Alto Firewall

This is a small example on how to configure policy based forwarding (PBF) on a Palo Alto Networks firewall. The use case was to route all user generated http and https traffic through a cheap ADSL connection while all other business traffic is routed as normal through the better SDSL connection. Since I ran into two problems with this simple scenario, I am showing the solutions here.

[UPDATE] I also wrote an article about policy based forwarding with two different virtual routers on the Palo Alto firewall. See it here.[/UPDATE]

Continue reading Policy Based Forwarding (PBF) on a Palo Alto Firewall