Policy Based Forwarding Forwarding Tab
Select the Forwarding tab to define the action and network information that will be applied to traffic that matches the forwarding policy. Traffic can be forwarded to a next-hop IP address, a virtual system, or the traffic can be dropped.
Select one of the following options:
Use Forward or Forward to VSYS as the Action so you can apply a Monitor profile to the traffic. (You can’t apply a Monitor profile when the Action doesn’t forward the traffic.) Monitor profiles monitor the IP address. If connectivity to the IP address fails, Monitor profiles specify the action.
Directs the packet to a specific Egress Interface
If you direct the packet to a specific interface, specify the Next Hop IP address for the packet.
Enable Monitoring to verify connectivity to a target IP Address or to the Next Hop IP address. Select Monitor and attach a monitoring Profile (default or custom, NetworkNetwork ProfilesMonitor) that specifies the action when the IP address is unreachable.
Configure Monitor profiles and enable monitoring so that if the egress interface fails or the route goes down, the firewall takes the action in the profile and minimizes or prevents the service interruption.
Enforce Symmetric Return
(Required for asymmetric routing environments) Select Enforce Symmetric Return and enter one or more IP addresses in the Next Hop Address List.
Enabling symmetric return ensures that return traffic (such as from the Trust zone on the LAN to the Internet) is forwarded out through the same interface through which traffic ingresses from the Internet.
To limit the days and times when the rule is in effect, select a schedule from the drop-down. To define new schedules, refer to Settings to Control Decrypted SSL Traffic.
Create a Policy-Based Forwarding Rule
Create a Policy-Based Forwarding Rule Use a PBF rule to direct traffic to a specific egress interface on the firewall, and override the default path ...
Use Case: PBF for Outbound Access with Dual ISPs
Use Case: PBF for Outbound Access with Dual ISPs In this use case, the branch office has a dual ISP configuration and implements PBF for ...
Egress Path and Symmetric Return
Egress Path and Symmetric Return Using PBF, you can direct traffic to a specific interface on the firewall, drop the traffic, or direct traffic to ...
Static Route Removal Based on Path Monitoring
Static Route Removal Based on Path Monitoring When you Configure Path Monitoring for a Static Route , the firewall uses path monitoring to detect when ...
PBF PBF rules allow traffic to take an alternative path from the next hop specified in the route table, and are typically used to specify ...
Static Routes Network > Virtual Routers > Static Routes Optionally add one or more static routes. Click the IP or IPv6 tab to specify the ...
Routing Tab The following table describes the virtual router’s runtime stats for the Route Table , Forwarding Table , and the Static Route Monitoring table. ...
PIM uses reverse-path forwarding (RPF) to prevent routing loops and to build a shortest-path tree from the receiver back to the multicast source. ...
Policies > Policy Based Forwarding
Policies > Policy Based Forwarding Normally, when traffic enters the firewall, the ingress interface virtual router dictates the route that determines the outgoing interface and ...