Hi,
I want to transfer all HTTP traffic to another UTM-firewall running UTM licenses.
-Core-firewall is connected to the internet.
-All HTTP traffic originated from trust is to be scanned before it goes over the internet.
-The UTM firewall will do all the scanning and then hand over the traffic to the core firewall for final forwarding over the internet.
I can create a firewall filter with a routing-instance and hand over all the HTTP traffic from the core to the UTM firewall. The UTM firewall will then do the scanning and again route the traffic to the core firewall, but then the traffic doesn't come back to the UTM firewall. I suspect that because the original traffic (trust zone) was a locally connected subnet on the core firewall, it tries to hand over the traffic locally. I implemented src-nat on the UTM firewall egress interface and this worked, but I am wondering if I can do away with implementing src-nat on the UTM firewall, as the core firewall is performing the final src-nat before putting the traffic on the internet.
Is there a guide available somewhere on how to do this? I looked a lot but can't find it. Please guide why the traffic is not going back along the same return path.
Thanks....