Policy Based Forwarding Forwarding Tab
Forwardingtab to define the action and network information that will be applied to traffic that matches the forwarding policy. Traffic can be forwarded to a next-hop IP address, a virtual system, or the traffic can be dropped.
Select one of the following options:
Forward to VSYSas the Action so you can apply a Monitor profile to the traffic. (You can’t apply a Monitor profile when the Action doesn’t forward the traffic.) Monitor profiles monitor the IP address. If connectivity to the IP address fails, Monitor profiles specify the action.
Directs the packet to a specific Egress Interface
If you direct the packet to a specific interface, specify the Next Hop IP address for the packet.
Enable Monitoring to verify connectivity to a target
IP Addressor to the
Next HopIP address. Select
Monitorand attach a monitoring
Profile(default or custom,
) that specifies the action when the IP address is unreachable.
Configure Monitor profiles and enable monitoring so that if the egress interface fails or the route goes down, the firewall takes the action in the profile and minimizes or prevents the service interruption.
Enforce Symmetric Return
Required for asymmetric routing environments) Select
Enforce Symmetric Returnand enter one or more IP addresses in the
Next Hop AddressList.
Enabling symmetric return ensures that return traffic (such as from the Trust zone on the LAN to the Internet) is forwarded out through the same interface through which traffic ingresses from the Internet.