m0n0wall Forum - Problem with static routes

« on: April 25, 2007, 01:36:46 »

dameron

Posts: 2

I have a pretty straightforward setup:

WAN1 -- m0n0wall --- LAN1(192.168.1.0/24) --- Sonicwall --- WAN2
|
|
LAN2 (10.0.1.0/24)

I can get to WAN1 or WAN2 on either the m0n0wall or Sonicwall by swapping the gateway on the client machine. When the LAN machine's gateway points to the Sonicwall I can see machines on LAN2 fine.

When I change my gateway to use the m0n0wall and add a static route such that:

Interface Network Gateway
LAN1 LAN2 Sonicwall IP
(192) (10.0.1.0/24) (192.168.1.3)

I get

PING 10.0.1.20 (10.0.1.20) 56(84) bytes of data.
From 192.168.1.2 icmp_seq=1 Redirect Host(New nexthop: 192.168.1.3)
64 bytes from 10.0.1.20: icmp_seq=3 ttl=128 time=0.763 ms

I can telnet to services on LAN2 but they become unresponsive as soon as the banner loads in telnet.

If I enter a static route in the client machine

route add -net 10.0.1.0 gw 192.168.1.3 netmask 255.255.255.0

The client connects fine.

I'm at a loss as to why this doesn't work. We have another Sonicwall that works very similarly to how I'm trying to get the m0n0wall to behave. Any help would be great.

Re: Problem with static routes

« Reply #1 on: April 25, 2007, 03:16:51 »

cmb	Posts: 851

If you check "Bypass firewall rules for traffic on the same interface" on the Advanced page, does that change anything?

Other than that...a static route is a static route. m0n0wall even sends ICMP redirects, as you're seeing, so the route is functioning. After your system gets the ICMP redirect, it's equivalent to adding a static route locally on the system so it working with a local static route and not without makes no sense.

Re: Problem with static routes

« Reply #2 on: April 25, 2007, 17:41:32 »

dameron

Posts: 2

As it turns out that fixed it straight away, which I find very odd since I tried troubleshooting it by opening up that interface completely in the firewall rules.

Thanks for your help.

Pages: [1]