We have two GlobalProtect portals/gateways configured on each firewall ISP 1 (Eth 1/1) and ISP 2 (Eth 1/2) interfaces.
We had enabled ECMP on the firewall with max path 2 and configured ISP 1 and ISP 2 as default routes.
When a user is connected to the GP configured on the ISP 2 interface and tries to access the internet, the traffic from the GP client is routed through the ISP 1 interface.
As ECMP is configured, this is expected behaviour.
Can we use a PBF rule to route the traffic originating from the end user GP client through a particular interface?
In the below article it is mentioned that GlobalProtect traffic cannot be routed using PBF policy. Is it also applicable for the traffic originating from the GP client end user system?
Thanks in advance.
Play around. You can use the option to add the VPN traffic to a specific zone to manage it more easily with PBF: