PDA

View Full Version : Allowing asymmetric routing between two interfaces on single FW.



jsycap
2013-11-22, 18:13
Hi team,

Currently, we enabled anti-spoofing configuration per each intenal interfaces. the action is set to 'prevent' on both.
but Client wants to allow same subnet into multiple interface, that means, the specific subnet will come in through either interface A or interface B. and will go out to only interface B to back to internal.
to make it this requirement, so we just need to update anti-spoofing with desired subnets into both interface anti-spoofing configuration?

ShadowPeak.com
2013-11-22, 18:53
Hi team,

Currently, we enabled anti-spoofing configuration per each intenal interfaces. the action is set to 'prevent' on both.
but Client wants to allow same subnet into multiple interface, that means, the specific subnet will come in through either interface A or interface B. and will go out to only interface B to back to internal.
to make it this requirement, so we just need to update anti-spoofing with desired subnets into both interface anti-spoofing configuration?

Yes. You can have the same network subnet(s) defined on more than one interface in your anti-spoofing config and it works fine.