I have a question about whether the following is possible:
Using vlans to separate internal and external(publicly-routable) networks, is there a way to route the internal (privately IP'd) networks to the inside interface of an ASA 5510 firewall, if a 3750 with the IP services image is used, without allowing internal traffic to bypass the firewall? Meaning, since the default metric is 0 for directly-connected interfaces, my static routes are not being invoked.
Without solving this issue, a dynamic routing solution, say with separate AS's, would not resolve the problem.
I am trying to use the 3750 to serve as an inner router, outer router, and L2 device. This may be asking too much.
My initial setup was to use router interfaces for the two connections to the firewall and the ISP edgewater router (3 x bonded T-1s). I then used SVIs to separate my internal network into 9 subnets. I simply could not force the internal networks to not bypass the internal interface of my firewall.
Any assistance would be greatly appreciated!!