My internal LAN is segmented into numerous VLANs. The VLANs are routed via a Cisco 3550 switch. The routing in the switch has a default route to our firewall, which then sends traffic on to the Internet. We are going to be testing a new firewall and would like to have a single machine have its traffic routed to the new firewall. The single machine will be an Exchange email server. I need this internal server to still serve all VLANs, but I want it to route to firewall 2 for Internet-based traffic and not firewall 1. How would I set up the routing in the 3550 so this one server's default route points to firewall 2?
Thanks for any help,
Another option is changing the Exchange server's default gateway to point to FW 2 and, at the DOS prompt, entering a persistent route add for network 10.0.0.0/8 pointing to your 3550 switch.
Note: This will only work if the FW and Exchange server are on the same subnet.
Our VLANs are not summarisable. Our network is scattered across a 10.x.x.x address scheme, segmented into 20+ VLANs. I would have a lot of entries to place in the hosts file of the email server. Could I just put the gateway address 0.0.0.0 0.0.0.0 into the hosts file and have it work? Would it use the routing table of the layer 3 switch to route between VLANs and use the hosts file when it cannot find an entry in the routing table, or would it use the layer 3 switch's default route at that point and skip the hosts file?
If all your networks are 10.x.x.x then they don't need to be summarisable. 10.x.x.x is not routable on the Internet, so you actually only need two route entries, i.e.
ip route 10.0.0.0 255.0.0.0 <3550 address on the server's VLAN>
ip route 0.0.0.0 0.0.0.0 <firewall 2 address>
Edit: in answer to your question, host routes would take precedence. So with only a default route it would send everything other than traffic for the server's VLAN to the firewall, which is not what you want. Try the two routes above; it should work fine.
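Added example, not part of the thread above: a small longest-prefix-match simulation of the Exchange server's host routing table with the two routes proposed in the last answer, plus a check that catches the failure mode the questioner was worried about (internal VLAN traffic leaking to the firewall). The addresses 10.1.1.1 (the 3550's SVI on the server VLAN) and 10.1.1.2 (firewall 2's inside interface) are assumed for illustration; the sample destinations are constructed. Note that a host picks the most specific matching route first, so the single /8 covers every internal VLAN regardless of how they are carved up, and the default only catches what the /8 does not.

```python
# Added example (not from the thread): longest-prefix-match over the
# Exchange server's proposed host routing table.
import ipaddress

# Assumed addresses for illustration; adjust to your own numbering.
SWITCH_3550 = "10.1.1.1"   # assumed: 3550 SVI on the server's VLAN
FIREWALL_2 = "10.1.1.2"    # assumed: FW2 inside interface, on-link with the server

# The two-entry table from the answer above.
ROUTES = [
    ("10.0.0.0/8", SWITCH_3550),   # every internal VLAN -> layer 3 switch
    ("0.0.0.0/0", FIREWALL_2),     # everything else (Internet) -> firewall 2
]


def next_hop(dst, routes=ROUTES):
    """Return the gateway a host would pick for dst: the matching route with
    the longest prefix wins, so 10.0.0.0/8 beats 0.0.0.0/0 for 10.x.x.x."""
    dst_ip = ipaddress.ip_address(dst)
    best_net, best_gw = None, None
    for prefix, gw in routes:
        net = ipaddress.ip_network(prefix)
        if dst_ip in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_gw = net, gw
    if best_gw is None:
        raise LookupError(f"no route to {dst}")
    return best_gw


def internal_leak_check(routes=ROUTES, internal="10.0.0.0/8", switch=SWITCH_3550):
    """Probe a few addresses spread across `internal` and report any that
    would NOT go to the switch. An empty list means no internal traffic
    is being sent to the firewall."""
    net = ipaddress.ip_network(internal)
    samples = [net[1], net[net.num_addresses // 2], net[-2]]
    return [(str(s), next_hop(str(s), routes)) for s in samples
            if next_hop(str(s), routes) != switch]


def windows_route_commands(routes=ROUTES):
    """Persistent `route -p add` lines for the non-default entries; the
    default gateway itself is set on the adapter, as the answer suggests."""
    cmds = []
    for prefix, gw in routes:
        net = ipaddress.ip_network(prefix)
        if net.prefixlen == 0:
            continue
        cmds.append(f"route -p add {net.network_address} mask {net.netmask} {gw}")
    return cmds


if __name__ == "__main__":
    # Constructed sample destinations: two internal VLAN hosts, one Internet host.
    for dst in ("10.37.5.20", "10.200.1.1", "203.0.113.10"):
        print(f"{dst} -> {next_hop(dst)}")
    print("leaks with both routes:", internal_leak_check())
    # Failure mode: forget the /8 and every internal VLAN silently goes to FW2.
    print("leaks with default only:", internal_leak_check(routes=[("0.0.0.0/0", FIREWALL_2)]))
    print("\n".join(windows_route_commands()))
```

Two caveats that a tester would want before switching this on: the firewall 2 address must be on the server's own subnet (the point made earlier in the thread), and since the 3550's default still goes to firewall 1, any inbound Internet connection delivered to the server through firewall 1 will be answered out through firewall 2, an asymmetric path that a stateful firewall will normally drop; inbound mail delivery needs to be moved to, or tested through, firewall 2 as well.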