Tuesday, December 31, 2019

Static Routing Preference Question

Hi r/networking,

I have a Pulse Secure appliance that is connected to our network via a static route to our transit LAN subnet. Our firewall has an interface on this same LAN and there is a static route configured to the Pulse Secure client. Our firewall currently has a site-to-site VPN with AWS using BGP. When connected to the Pulse Secure I can reach the firewall and all of the locally connected resources. I've determined that in order to route to AWS, I'll need to include a static route on the firewall over the correct tunnel interface. If I add the static route in the firewall this will definitely take precedence over the BGP route, but if for some reason the static route is unavailable will it naturally go to the BGP route? (We have a few redundant tunnels configured in case one drops.) Am I incorrect in assuming the static route on the firewall will correct the issue from the firewall? Will there be any additional issues from adding the static route?

Thanks in advance and sorry if this is a stupid question, but I'm on a time crunch and just inherited the entire management of our network.


