SSG Policy-base Routing

Vikko · ‎04-16-2009

I have a SSG140 and dual ISP Internet links in office. I would like to utilize both ISP links and I read the manual that I can use PBR to change force default gw for different end-devices according to different information (IP, tcp/udp...). However, my question is when one of my ISP link goes down, is there any solution overriding the PBR in order to avoid the traffics still going to the dead ISP link?

Version: 6.0.0r2.0

Thx!

Screenie · ‎01-10-2008

Yes there is. When the outgoing interface for a PBR route is down the routing falls back to destination routing. This means you can create a backup with two 0.0.0.0/0 routes with different matrix or preference.

best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.

Kashif-rana · ‎01-29-2008

Hi,

Refer to http://forums.juniper.net/jnet/board/message?board.id=Firewalls&message.id=920&query.id=687369#M920

HTH

Kashif Rana
00971555962393
JNCIE-SP#1428,JNCIE-SEC#55,JNCIP(SP,ENT,SEC),JNCIS(FWV,SSL),JNCIA(IDP,AC,WX),BIG IP-F5-LTM, CCNP
----------------------------------------------------------------------------------------------------------------------------------------

If this post was helpful, please mark this post as an "Accepted Solution".Kudos are always appreciated!

Vikko · ‎04-16-2009

So I can use PBR on both interfaces with "set interface monitor" commands?

When the outside IP of ISP router is unreachable, the interface of SSG will be down then the PBR will be disappeared automatically?

Vikko

Vikko · ‎04-16-2009

PBR with monitoring settings, does it support stateful fallback/failover?

Vikko

SSG Policy-base Routing

Re: SSG Policy-base Routing

Re: SSG Policy-base Routing

Re: SSG Policy-base Routing

Re: SSG Policy-base Routing