Cisco FTD Policy Based Routing

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello this is Ahmed Chalabi I'm working as a little security engineer in this video we are going to look at how to configure policy-based routing with all the easily using flicks pumping we have FTD and the FMC water running six one two and three the FTD has two outside interfaces each one of them is connected to route which should provide Internet access first interface which is VB and oh this one is connected to is p1 which in this case if the brain may always be it has a bit of fun and those all inside subnets are accessing the internet using with this link the second interface which is maybe an autist blue is connected to all his people which I'll use PPR to make it as a primary link for some different subnets and everything to be came down they are going to use is be one for internal network I have course oblems 70 which is connected using sub interface vivianne I test one and subnet ID which is connected using sub interface we be an artist tool using BB odd I'll enforce subnet 70 to use always be code now the only way to achieve policy-based routing is to use flex coffee first I'll create a default rule under device routing then static routing I click end as I said before the is p1 will be in the primary always be with method 1 so I'll choose the interface to be Otis 1 any I be before and like it we would be as 52 5050 with one good metric one click okay and then I'll end the secondary OSP what is true in any IV before the letter could be two and the gate will be 60 60 61 okay and since now I have two difficult and the prefect one is to use ice being one with Italy 50 50 50 good one now to configure policy-based routing I have to configure an access list for the submit I use NDB or it will be under object object management access list extension I already have an access list called 70 tests in which I declared submit 70 and once I have access lists pulled a t-test for submit a team then we have to configure our net to use with flicks country I already have one called test I have sequence thing which pointing to access list of subnet 17-under i before choose extended then the access list and in seconds it twinny i have access list of submit 80 then let's define flicks config object under flicks convict text object i'll create a new object for time between one for 50 and other for 60 I already have one called 58 it way with IB of 50 and 50 51 and the other one is pulled 63 with IB of 16 with 60 to 61 now for failover I should have taken so I'll create two IP easily one two month telling with is p1 and the other one to monitor the link will always people under object is immortal I'll give it a name they se6 - I'll use it to track ice be tool which is 60 60 and 61 as a maggot wing [Music] 500 500 others let's see it would be able to give that would be RIBA noticed - and I did obviously to take ice be one the name would be five the same others there's will be ribbon of this platter now I have two cylinders easily five which monk an OSP one link using Google IP and it's a easy oh let's go written two visits okay it'll always be to link using Google IP till now i've configured a static routing and I've created root and root name and is limited so let's let's do it let's oblique see what would happen and now the deployment is successful let's open the document line and enter the diagnostic see at all okay in this gesture support Diagnostics Eloy at enable in the end let's do showing show running configuration is a monitor it is bleed or both configured a as a monitors and those these are previously configured and I not find their five and say sutures which I just created from make obscene and though show tank this was also previously configured and it's downtown okay let's do sure on confirmation no five or six these are beautiful figure and actually I can remove them using gay flicks Co number okay so let's do purchases to see that behavior of traffic some at this point is the society type and this mission date and the recent evident of this is this one and because of the difficult the output interface is oldest one which is is p1 which in this case I to be all this tool using two people now let's configure our flix config object configured I named it just PB on first right group map and the name of the route map variable actually this is how to set it just insert group map I choose my name and I'll give it a name I named it Ruth - map - test and symptoms from britain which are sweet associated with the sincerity and since it I be next oh boy pretty and I should like it way it would be 60 this is not all set up with metric one and that's because I own submit 72 use hospital so that before must be 60 60 61 and trick let's give it any random number now and I've set up a cop was to use it we won I resisted same way and Hamitic would be 2 and 3 and then the same was submitted here actually I do need it now and I employ is pulusu to the inside interface okay okay then under device I like create the Flex config puts the Android device takes config I create as a policeman and assign it to our if TD is then I choose this PP own dancing so let's do it after deployment a successful it's open - Illinois sure on Craig nothing happened packet tracer to the same result Shirin is an immunity also the same result nothing else new let's do sure on route map a childred the road map is deployed but I said track 7 and track 6 which are not configured yet so the trick here is to have track object and to achieve that I should link the static route will leave object so that that crap object is going to be created so I'll do this easily object with my study put under the voice will give me 60 I'd use a CD number 6 and with 15 I use file a civil and I will find flicks config now okay and deploy okay let's see what happened so far nothing new with wood and is it a monitor great now I have new silly it's a five and a six sure on a tree agreed now tank it is associated with the silly number 5 and track loin is associated with yesterday number 6 with in shortly and yes the two tracks are up and back Tricia it's still using OS p1 and this is true because and a flex config configuration are used to tracks the that all would exist instead I should use drag it and track nine so let's move the fight the configuration first I'll use the track nine because I want to know to get way to and track nine is a sheeted with the equator and then I'll just drag it and the sea near it underline and save then deploy now let's b-boy code map and is using all the right tracks a tantric line and so drink there are two tracks or Rob and Tracey agreed it's now using the right interface which as Otis - now 770 is going out from oldest - which means they are using always be true now let's avoid the philosopher by shutting down the ice beetle interrupter I'll bring the interface table you you okay let's test it should read good the trick is done now and Patricia [Music] and absorptivity is using oldest one I'll bring the interface uh begin and the Tigers still down okay time now it's all okay and now they return using Otis true and now we've completed our policy based routing and distillate thank you for viewing

Info

Channel: Ahmed Shalaby

Views: 14,732

Rating: undefined out of 5

Keywords:

Id: MKcSBTJ55e8

Channel Id: undefined

Length: 18min 32sec (1112 seconds)

Published: Tue Aug 28 2018