I have set up the default route for my layer 3 switch 0.0.0.0 0.0.0.0 10.100.1.2 255.255.255.252 on interface gigabitEthernet 0/1 with the
Switch(config-if)#ip address 10.100.1.1 255.255.255.252
We are using a WatchGuard Firebox that associates rules and policies based on the port that is receiving
the traffic. Each network has different policies on Internet access that the WatchGuard filters.
With the setup above, all traffic would leave the switch to one interface of the Firebox. What would the best
solution be to solve this problem? Maybe make a different routing port on the switch? Any help or advice would

As per your existing setup (switch --- WatchGuard firewall --- internal LAN), with this setup you can achieve that whatever traffic comes from the outside network to the internal LAN will be filtered as per the policies in the firewall.
Routing will be done at the switch and the outside world.
But if you want to filter traffic between internal LANs, you need to have a separate segment of the firewall in a separate segment, so that all traffic from the internal LAN can come to the firewall; then the policy will be checked and the traffic goes to the destination segment.
Hope that helps.
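
One way to get each internal network onto its own Firebox port while keeping the switch as the gateway is source-based policy routing over one routed uplink per network. This is an added example, not configuration from either poster. The VLAN IDs, internal subnets, ACL and route-map names, and the second transit link (GigabitEthernet0/2, 10.100.2.0/30) are assumptions; only 10.100.1.1/30 and the next hop 10.100.1.2 come from the post.

```cisco
! Constructed example. Assumed values: VLAN 10/20, 192.168.10.0/24,
! 192.168.20.0/24, Gi0/2 and 10.100.2.0/30, all ACL/route-map names.
ip routing
!
! Transit link from the post -> first Firebox port
interface GigabitEthernet0/1
 no switchport
 ip address 10.100.1.1 255.255.255.252
!
! Assumed second transit link -> second Firebox port
interface GigabitEthernet0/2
 no switchport
 ip address 10.100.2.1 255.255.255.252
!
! Match traffic by source network. Destination "any" means traffic
! between the two internal networks is also sent to the firewall.
ip access-list extended FROM-VLAN10
 permit ip 192.168.10.0 0.0.0.255 any
ip access-list extended FROM-VLAN20
 permit ip 192.168.20.0 0.0.0.255 any
!
! One route-map per network, each pointing at a different Firebox port
route-map VLAN10-VIA-FW-A permit 10
 match ip address FROM-VLAN10
 set ip next-hop 10.100.1.2
route-map VLAN20-VIA-FW-B permit 10
 match ip address FROM-VLAN20
 set ip next-hop 10.100.2.2
!
! Policy routing is applied on the interface where traffic enters
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip policy route-map VLAN10-VIA-FW-A
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip policy route-map VLAN20-VIA-FW-B
!
! Default route from the post, used by anything the route-maps do not match
ip route 0.0.0.0 0.0.0.0 10.100.1.2
```

The firewall needs a return route to each internal subnet through the matching transit link, otherwise replies arrive on a port whose policy does not expect them. Policy-based routing support depends on the switch model and feature set, so confirm it before relying on this design.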