Can someone help me to understand how a firewall makes a routing decision?
I have some traffic which needs to get to a subnet not directly attached to the firewall. There is a static route to that subnet, however the nameif subinterface is not the same as the one that traffic would be coming in on.
(Traffic would be entering from an interface called LAN (sec level 100), and should be exiting via a subinterface named DMZ (sec level 50).)
However, when performing a packet-tracer test the default route out is being picked and as a result the traffic is dropped.
I can't add another route with the same network and destination on a different interface for obvious reasons.
Why is my traffic being redirected to the default gateway when there is clearly a better route to the destination in the routing table?
This is a cut from the routing table. The 192.168.20.0/24 subnet is where I'm trying to send my traffic from the 'LAN' subnet.
Many thanks!