The customer uses the switch to connect to two egress devices, one of which is connected to the firewall for users accessing the Internet and L2TP dial-up. The other egress is connected to the router for the dedicated network.
The customer requires that intranet users can access the Internet, and when they communicate with the L2TP dial-up host, the traffic goes through the firewall; when the intranet users access the dedicated network, the traffic goes through the router.
After the topology is changed, connect the intranet switch to the router, and configure the static route between the router and the firewall.
For detailed configuration, method, and key configuration, see the attachment.
The following methods are available:
1. Configure the policy-based route on the switch. Data flows go through corresponding egresses based on policy modes.
2. Use an independent device (the firewall or router). Both links are connected to this device. Configure a policy-based route, through which services are applied along corresponding links. However, the number of ports are limited. The customer wants to employ the router.
3. Change the network topology.