The customer connects two egress devices to a switch. One egress port connects to a firewall, which is used for Internet access and by L2TP dial-in users. The other egress port connects to a router and the private network. The customer wants the firewall to handle traffic when private users access the Internet or communicate with hosts that dialed in over L2TP, and the router to handle traffic when the internal network accesses the private network.
Topology as below:
After the topology change, the internal network switch connects only to the router, and static routes are configured between the router and the firewall.
For configuration details and the implementation method, see the attachment.
There are several ways to implement this:
1. Configure policy-based routing on the switch so that each traffic flow leaves through the egress port for its service according to the policy.
2. Use a single device (firewall or router), connect both links to that device, and configure policy-based routing so that traffic is sent over the different links. However, the customer's device has a limited number of interfaces, and the customer also wants to make use of the router.
3. Change the network topology.