Working with Source-Based Routing

Note - In Security Groups in Maestro and Scalable Chassis:

  • The term VSX Gateway means a Security Group in the VSX mode.

  • Some VSX features have a limited or no support.

  • Virtual Routers are not supported (Known Limitation 01413513).

Introduction

Source-based routing directs traffic to a specific destination based on the source IP address or a combination of the source and destination IP addresses.

Rules defining Source-based routing take precedence over ordinary destination-based routing rules.

This section describes how to configure sourced-based routing rules when working in a VSX environment.

The procedures for defining source-based rules are the same for Virtual Routers in both VSX Gateways and VSX Clusters.

Item

Description

 

Item

Description

1

Internet

 

8

Wrp Unnumbered interface

2

Router

 

9

Virtual Systems

3

Security Management Server

 

10

Internal Virtual Router

4

VSX Gateway

 

VLAN Interface

5

Switch

 

VLAN Truck

6

External Virtual Router

 

Warp link

7

wrpj

 

 

 

Defining Source-Based Routing Rules

Define Source-based Routing rules in the Topology page of the Virtual Router definition window.

To define source-based routing rules:

  1. Connect with SmartConsole to the Security Management Server or Target Domain Management Server that manages the Virtual Router.

  2. From the Gateways & Servers view or Object Explorer, right-click the Virtual Router object and select Edit.

    The General Properties window opens.

  3. From the left navigation tree, select Topology.

  4. Click Advanced Routing.

    The Advanced Routing Rules window opens.

  5. Click Add to define a new rule. or select an existing rule and click Edit to change it.

    The Add/Edit Route Rule window opens.

  6. Define these settings:

    • Source IP Address and Net Mask

    • Destination IP Address and Net Mask

    • Next Hop Gateway

  7. Click OK.