Same thing. Of course, you'll have to adapt it to fit your case.
Original Message:
Sent: 12-05-2024 14:02
From: JOHN WILLIAMSON
Subject: Force traffic out specific interface
Nicolay,
I found this document that seemed to describe what I want.
https://jncie.wordpress.com/wp-content/uploads/2008/09/350136_filter-based-forwarding.pdf
Is it missing anything?
------------------------------
JOHN WILLIAMSON
Original Message:
Sent: 12-05-2024 13:55
From: Nikolay Semov
Subject: Force traffic out specific interface
Filter is the right idea, but the action will be different.
First, create a new routing instance of type "forwarding" and put in it routes such that the active is route is out of the interface you want it to be. Then apply a filter to the ingress interface (facing the devices in question) with action "routing-instance" (and "accept").
Check this out: https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/example/filter-based-forwarding-example.html
------------------------------
Nikolay Semov
Original Message:
Sent: 12-04-2024 15:06
From: JOHN WILLIAMSON
Subject: Force traffic out specific interface
I have a couple of uses where I need to make sure traffic goes out one of our two interfaces to the web, based on the source IP of the device. I looked up how to do it, but the instructions that I found were for routers and not an SRX firewall. They discussed using a firewall filter, with the option "next-interface" but that option is not available in a filter on our SRX. I already have a NAT rule for one group of devices that specifies one of the interfaces, but that does not seem to force the traffic out that interface, but if the session randomly picks that interface, the NAT rule applies.
How do I send traffic out the interface based on the source IP?
------------------------------
JOHN WILLIAMSON
------------------------------