Need a hand with a route issue



  • We are adding a second ISP at our headquarters.  I figured out that routing a certain branch office strictly through ISP2 drops the latency dramatically.  We want the internet traffic from the branch office to go out our primary firewall and ISP1 (this has all of our URL filtering, anti-virus, anti-spyware, reporting etc.).  I am sending 0.0.0.0/0 from the branch office.  The pfs at HQ has a default route pointed out ISP2 - so that is where the internet traffic goes.  I want it to actually go out ISP1.  I assume I would need to change my default route?  I'm hesitant because I don't want to get locked out of the box making the changes in the evening hours.  The head-end pfs is running Quagga for its OSPF routes.  If you need the full head-end pfs config to answer this - PM me.

    Diagram attached.

    Thank you!