Please refer to attached image and solve my query.
Traffic has to go from CLIENT to SERVER. The condition is that it has to go through the FIREWALL.
How would that be accomplished?
Looks like I get to dig out an old FAQ once again.
I actually feature this exact FAQ in my Migrate to R80.x talks as a Troy McClure slide.
The below is adapted from: Can't Talk to Translated IP from Internal Net
To force traffic through the Security Gateway, you need to:
All traffic coming from 10.0.0.1 that is destined for 22.214.171.124 will get hidden behind 172.16.1.1 (the internal IP address of the firewall) and have a destination of 192.168.1.1 (the real IP of the server). The side effect of this is that for each connection to your "internal" server using the external IP address, you will see the network connection traverse your internal network twice:
I haven't actually tried this in years, so it's possible this won't work.
But, if it's going to work, this is how you'd do it.
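The translation described above, modelled as an added example (not part of the original post and not Check Point code): a toy gateway applies the destination NAT and the source hide NAT to the client's packet, then reverses both for the reply. The ports, the class and function names, and the premise that without the hide NAT the server answers the client's real address directly are assumptions for illustration.

```python
from dataclasses import dataclass

# Addresses exactly as given in the post above.
CLIENT = "10.0.0.1"
PUBLIC_IP = "22.214.171.124"   # external address clients use for the server
FW_INTERNAL = "172.16.1.1"     # internal IP of the firewall (hide address)
SERVER_REAL = "192.168.1.1"    # real IP of the server

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Gateway:
    """Toy NAT state table (hypothetical model, not the product's logic)."""
    def __init__(self, hide_source=True):
        self.hide_source = hide_source
        self.conns = {}          # hide port -> original (client ip, client port)
        self.next_port = 10000   # constructed start of the hide-NAT port pool

    def outbound(self, pkt):
        """Translate a client packet addressed to the external IP."""
        if pkt.dst != PUBLIC_IP:
            return pkt
        src, sport = pkt.src, pkt.sport
        if self.hide_source:
            src, sport = FW_INTERNAL, self.next_port
            self.conns[sport] = (pkt.src, pkt.sport)
            self.next_port += 1
        return Packet(src, sport, SERVER_REAL, pkt.dport)

    def inbound_reply(self, pkt):
        """Reverse both translations for a reply sent to the hide address."""
        if pkt.dst != FW_INTERNAL or pkt.dport not in self.conns:
            return None  # reply never reached the gateway's NAT table
        client, cport = self.conns[pkt.dport]
        return Packet(PUBLIC_IP, pkt.sport, client, cport)

def server_reply(seen):
    """The server answers whatever source address it saw."""
    return Packet(seen.dst, seen.dport, seen.src, seen.sport)

def reply_returns_via_gateway(hide_source):
    gw = Gateway(hide_source)
    seen = gw.outbound(Packet(CLIENT, 40000, PUBLIC_IP, 443))  # constructed ports
    reply = server_reply(seen)
    return reply.dst == FW_INTERNAL, gw.inbound_reply(reply)
```

With the hide NAT the reply is addressed to 172.16.1.1 and is translated back so the client sees it coming from the external IP; with only the destination NAT the reply is addressed to 10.0.0.1 and the gateway never gets to reverse the translation.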
Another way is to use VRFs on the router, splitting the traffic and using a trunk between the router and the Firewall. Or directly connect either of the 2 or both networks directly to the Firewall and forget the router altogether.