Flow redirect problem in Extreme network

[swiftech]

hi

Presently i am using a Extreme summit48i switch
i hv different Vlan's configured in it .

I want to redirect my tcp flow to my linux firewall which is connect to one of my Vlan's

i gave the following policies in my switch

create flow-redirect firewall tcp destination any ip-port 80 source any

config firewall add next-hop x.y.z.a

(where x.y.z.a is the ip address of my firewall)

the problem is that when my firewall is up and running , the swtich does not redirects my flow ,
i cannot browse the internet

plz guide

thnx
bhagat panwar

 

[Comstocb]

Does the firewall have a route configured to get to the internet? Thinking the Extreme is fine and the firewall doesn't know what to do with the re-directed traffic. One other thought, does the traffic go back through that Summit 48i after the firewall has seen it? if so I would think that the switch is just re-directing it back to the firewall. The internet gateway needs to be behind the firewall. I haven't done anything with flow-redirection but I have noticed that access-lists are applied to ALL traffic seen regardless of if its traversing the switch at layer2 or layer3. I bet FR is treated the same. Hope this helps

Brian C.

Brian