Hi all

Having a network routing problem that I could do with some help on. We currently receive our Internet connection via the Leeds Learning Network (soon to be no more) and are in the process of moving over to Virgin. With our new setup we are using a combination of Bloxx filtering with a Palo Alto firewall. The Bloxx filter is configured for Proxy mode, not transparent.

The problem I'm having is that our core switch has a default static route which points to our LLN router. The switch also contains all of the VLAN information for the school and acts as the default gateway for each VLAN. I need to be able to test our new connection and filtering rules using just one PC (or vlan) without affecting everybody else.

Because the default gateway of the Bloxx unit is set to the core switch, it isn't routing packets out of the Palo Alto --> Virgin line. If I adjust Bloxx to have a default gateway of the Palo Alto unit the I can get a test PC to work correctly - provided it is on the same VLAN as the Bloxx and Palo Alto units. How do I make this work so that all VLANs can use it just by changing the Internet Explorer proxy settings??

See diagram attached

Switch firewall layout.jpg