The DHCP comes from an MS AD server on same subnet. The switch is only set for default VLAN1. The question is why wouldn't the servers/PCs work with setting THEIR default gateway to the firewall instead of switch and why would this cause any problems if it were set that way? Can the phones and PCs/servers be set to separate gateways (such as phones to the switch and Pcs/servers to firewall?) Also, is the data that travels over the PC ethernet cable and relayed via VOIP phone separated? I would think so.

Cisco Catalyst 3560G POE switch.Layer 3

Gateway of last resort is 192.168.18.254 to network 0.0.0.0     172.16.0.0/30 is subnetted, 1 subnets C      172.16.30.0 is directly connected, GigabitEthernet0/22 C    192.168.18.0/24 is directly connected, Vlan1 S*  0.0.0.0/0 [1/0] via 192.168.18.254

If the switch is L3 then i would expect there 2 be L3 vlan interfaces on the switch, one for data and voice and not the firewall.

So a typical setup would be 2 vlans on switch, 1 for data, 1 for voice. Then a default-route on the switch pointing to the firewall.

Your original question seems to be asking why you would set the default-gateway for the computers to the switch and not the firewall. To me the logical thing to do is use the switch and not the firewall to route between vlans.

Am i misunderstanding what you are asking ?

Jon

There is likely not a slowness issue involving this type of setup. I am just trying to understand why, that on the servers and PCs, they are using the switch as default gateway instead of more commonly used firewall. I was also told that when they did set the PCs and servers to use firewall it caused issues. If PC>VOIP phone>switch>firewall is cabled in exact fashion, then why would it cause issues? Does the data not travel in its' own packets to the switch port and then get addressed by the setting in the packet, i.e.," PC says I'm using .254 as gateway and I don't care what the phones are doing", even though the actual cabling is routed thru the phones?

Keith

There is likely not a slowness issue involving this type of setup. I am just trying to understand why, that on the servers and PCs, they are using the switch as default gateway instead of more commonly used firewall.

Actually if there is a L3 switch in the LAN then by far the commonest solution is to use the L3 switch as the default-gateway for all vlans. It is only common to set the firewall as a default-gateway if you have a L2 switch only in your network which is typical of a small network.

So in experience the computers are using the correct setup. More interestingly is why the phones are using the firewall as a default-gateway and not the switch as well.

With a VOIP setup there are usually 2 vlans on the connection from switch to phone/computer, 1 for the phone and one for the computer. That is the way the traffic is separated.

Jon

Maybe some sort of call services functionality is not local, so off they go...?

Thanks for the 'most common' answer. I understand it will route it. The phones, I have no idea of the gateway they use. Haven't seen them. But yes, I do not understand having VLANs separated either. Thanks for your help. It still leaves out the fact of using firewall would somehow cause issues but at least I know that the layer3 is more commonly used this way then. I guess, LOL, I'm too old and have been around layer 2 setups for too long.

what kind of phones? on some cisco ones you can go thru some menus (working from memory here) and find their default network settings....