How to configure Policy Based Routing

Hi Laz,

In my lab environment, I am able to use policy-based routing to push routes from internal VLANs to one single IP gateway and it works like a charm. My issue now is: I am trying to implement a DMZ in my lab. From the diagram, you will see that all the default traffic is sent to the firewall from LAN to Internet (that is working fine as it’s just a default route). Routes from the firewall to the internal LAN are flowing well via firewall routing using the router-on-a-stick method.

Therefore traffic is flowing from LAN to internet - OK
From Firewall to DMZ - OK

When I tried to do a tracert from DMZ to 8.8.4.4 on the DMZ host, the packet was dropped at the gateway. I suspect the reason for this is that the router does not know where to push the traffic as it sees two interfaces i.e. one going to the LAN and another to the FIREWALL.

Here is my question:

Can you use the policy based route to set the default next hop to go to the firewall and something like another next hop to be internal LAN?

IMG_0027