How does a custom Application Signature Rule works in regards of Policy-Based Routing (PBR)

farhan Lv1Posted 26 Jan 2020 08:39

Hi,

I would like to set up a Policy-Based Routing (PBR) in NGAF (version 8.0.17) where if the user shall be routed to ISP-A if they would like to access some specific websites. Otherwise, they shall be routed to ISP-B if they would like to access any other websites.

What I did:

1. I created a custom Application Signature Rule where I set the direction (LAN->WAN), Protocol TCP, Dst port and IP Address set to All, and I put the name of the domain name of the website in the Target Domain box.
139155e2cdf2305904.png

2. I created a PBR rule where I set the Zone to LAN, Network Objects to All, Destination Network Objects to All, Protocol and Src/Dst Ports to All, and the Application set to the custom Application Signature Rule that I set at step 1. The egress is set to the interface that is linked to ISP-A.

197285e2cdf8035482.png

748185e2cdf90f02b1.png

783715e2cdfb379df6.png

Apparently, this PBR rule didn't work despite I put it at the highest position in the PBR rules list as the NGAF was routed the traffic to ISP-B (default route). May I know how can I achieve my objective and also how does a custom Application Signature Rule works in regards to Policy-Based Routing (PBR)?

Regards

By solving this question, you may help 361 user(s).

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Park Bo Gart Lv2Posted 26 Jan 2020 17:49
  
it seems that there is no mistake in what you did. I also try this one and will give you feedback.

I Can Help:

Change

Moderator on This Board

1
55
3

Started Topics

Followers

Follow

Board Leaders