routing table with the cc command (meaning change category or change context)
before manipulating individual routes. This is necessary for any category that could
contain more than one named group of objects.
Default Static Routes are Added Automatically for Each Interface
When the NetDefend Firewall is started for the first time, NetDefendOS will automatically add a
route in the main routing table for each physical interface. These routes are assigned a default IP
address object in the address book and these IP objects must have their addresses changed to the
appropriate range for traffic to flow.
Note: The metric for default routes is 100
The metric assigned to the default routes automatically created for the physical
interfaces is always 100.
These automatically added routes cannot be removed manually by deleting them one at a time
from a routing table. Instead, the properties of the interface must be selected and the advanced
option Automatically add a route for this interface using the given network must be disabled.
This will remove any route that was added automatically at startup. This option has no other purpose
but to delete the automatically added routes.
The all-nets Route
The most important route that should be defined is the route to all-nets which usually corresponds to
an ISP that provides public Internet access. If using the NetDefendOS setup wizard, this route is also
added automatically.
However, the option also exists for any physical interface to indicate that it should be used for
connection to the Internet. In the Web Interface this is an advanced setting in the Ethernet interface
properties called:
Automatically add a default route for this interface using the given default gateway.
When this option is selected, the appropriate all-nets route is automatically added to the main
routing table for the interface.
Example 4.2. Adding a Route to the main Table
This example shows how an all-nets route is added to the routing table called main. This route will be for the ISP
connected to the wan interface and the ISP is accessed via a router with the IP address isp_gw_ip which will be
the gateway for the route.
Command-Line Interface
Change the context to the routing table:
gw-world:/> cc RoutingTable main
Add the route:
gw-world:/main> add Route Interface=wan Network=all-nets Gateway=isp_gw_ip
Return to the default CLI context:
gw-world:/main> cc
gw-world:/>
4.2.2. Static Routing Chapter 4. Routing
175
To Next Page
Loading...
