Two VLAN on Same Server

Question

Hi, 
 here is my setup, i have 2 VLAN ( 20 and 30 ) and both have DHCP enabled, and both have similar setting.

VLAN is supposed to be used for Administration purposes and VLAN 30 for production traffic. 
 VLAN 20 does not have access to Internet Access and only Administration/Management port are open (22/3389/..) and accessible to some user. 
 VLAN 30 has internet access and only incoming connection on port 80/443 are allowed. 
 when a device is connected to both VLAN it creates two default routes and based on the metrics, sometime internet traffic is being route to VLAN 20 instead of VLAN 30

How can i prevent the route "default via 172.16.20.1" being created, in the DHCP option i can't leave the Gateway field blank, nor i can set "DHCP option 3"

Raphael Alganes · Answer

Hello, 
 Thanks for reaching out to Sophos Community. 
 Could you share a diagram showing how your network is connected and set up? Also, is this happening only to a specific server, as shown in the screenshot? 
 Further, I may also recommend using static IP address settings on the server for easier management and setup. Gateway* settings is a mandatory field on DHCP 
 I also notice the scope of your VLAN 30 DHCP to be providing only one lease: 
 
 Hope this helps. Have a nice day and thank you for choosing Sophos.