Forward traffic to other Internet Gateway Router
This article is an application of Route Policy. Suppose the Vigor Router is used for LAN-to-LAN VPN connections, and there is another firewall router on LAN act as the Internet Gateway. We want all the traffic to be sent to the firewall router first, especially those from the remote network. This article shows how to use Route Policy and forward the VPN traffic to another device on LAN.
Go to Routing > Load-Balance/Route Policy, click an index number to create a new policy. Configure the policy as follows:
- Enable this policy.
- Enter Source IP as the IP address of the branch office. Or you may leave the Source IP as Any so that this Route Policy will be applied to all the LAN clients including the local ones.
- Leave Destination IP and Destination Port as Any.
- Select Interface as the LAN where the firewall router is on.
- Select Specific Gateway and enter the local IP address of the firewall router.
- Set Priority to a number smaller than 150 to give this policy a higher priority than the Routing Table.
- Click OK to save the configuration.
After the configuration, you may use the "tracert" command to see if the traffic pass the firewall router before it goes to the Internet.
To add a route policy to change the gateway, go to Routing >> Route Policy, click Add a rule as follows:
- Input Profile Name
- Check Enable
- Select ALL for Protocol
- Select ANY for Source Type
- Select ANY for Destination Type
- Select User Defined for Out-going Rule
- Select lan1 for Out-going Interface
- Input the LAN Gateway's IP address for Out-going (Gateway)
- Select NAT for Mode
- Check Disable for Failover to Next Rule.
After that, we can use command tracert -d 8.8.8.8 to check if the traffic to the Internet is going to the specified LAN Gateway.
Published On: 2016-05-12
Was this helpful?