Follow

Static Routes - Basic Setup

Version 2.5 Version 3.0

Applies to Platform: UTM 3.0, 4i Edge 3.0
Last Updated: 25st February 2014

Applies to Platform: UTM 2.5, 4i Edge 2.5
Last Updated: 25st February 2014

This lesson will illustrate the necessary steps to configure a simple static route on a typical Endian appliance. This will allow us to configure routing (i.e. communication capabilities) between the Endian and other networks that may not live directly on the Endian but on an external router or through a VPN tunnel.

Configuration Example

?name=Network_Diagram_-_Static_Routes.png

In this simple example, we'll configure a static route to an external network that lives on a router within the Green network. As you can see the router has one interface in the Green network and another interface for the external network that lives outside the Green network.

Create Static Route

 

?name=media_1303153399259.png
static1.png

Now we'll add a static route in the Endian under Network > Routing > Static Routing. Here we'll leave the "Source Network" field blank to mean ANY and then supply the destination network (external) and the route gateway IP which is the Green IP of the external router.

Click Add Route and then Apply to complete the process.

Verify Route

?name=media_1303153732276.png
static2.png
 

Now you can verify the route works properly by pinging a device in the remote network (10.45.1.0/24) and vice versa. Be sure to check the appropriate firewall rules are in place to allow the desired level of communication between the two networks.

 

Was this article helpful?
4 out of 4 found this helpful
Have more questions? Submit a request

Comments

  • Avatar
    Daniele De Lorenzi

    Still valid for 2.5

  • Avatar
    dimi

    vice versa ping dont work

    what firewall rulles should i put in place to to allow the desired level of communication between the two networks.?

  • Avatar
    Juergen Viertbauer

    I add a static route to have a connection directly from the green to the blue zone. It doesn`t work! What Firewall-Rulles should i out in place? Please help! Thank you

  • Avatar
    Nicolas Neveur

    Hello, I add a bad route by mistake !!! and that mistake block me the acces of the web interface, i'm only able to access the console, where is the file that hold the config for the routing, so I'll be able to edit the files by removing my bad route and gain back my firewall !!!

    Please I need help, thanks in advanced

  • Avatar
    Endian QA Team

    Hi all, please open tickets in order to get help.

  • Avatar
    Lorenzo Lione

    Routing table seems not to work. I have some subnet behind the green interface, I set up a route on the Nework -> Routing form, but no route results in the roouting table (see screenshot).

    In fact if I make a traceroute EFW uses the RED interface to try to reach hosts in other "green" subnet. I also tryed to reboot EFW but nothing appens.

    Is EFW able to manage subnet behind GREEN interface or not? Can I manage them form the web interface?

    Reagards.

    L

     

  • Avatar
    Endian QA Team

    Dear Lorenzo,

    the "route" command is not the only one that shows routes.. check it out with "ip rule" and "ip route" ;)

  • Avatar
    Chris

    Hi,

    I have 5 Virtual Machines on a Virtual Network behind the Endian Firewall on network 192.168.0.0/24.

    Endian Interface on the Virtual Network is 192.168.0.15/24 (Green Zone)- Gateway for Virtual Network,

    Endian Interface on the Home Network is 10.10.125.84/18 - This interface get its IP address from the DHCP on the Physical Router.

    My laptop (SXXX-TC) sit on the Home Network with IP: 10.10.125.70/18.

    When the openVPN is connected, from Home Network I am able to ping Virtual Interface 192.168.0.15 but not any Virtual Machine on that network, and from the Virtual Network I am able to ping My Laptop in the Home Network.

    I want to be able to remote (RDP) into any of the VMs in the Virtual network from my laptop. How do I go about this? Please assist.

    I tried using openVPN but no success.

  • Avatar
    Endian QA Team

    Make sure the route are correct and you have also the route back, consider to edit the vmware vswitch security option to allow promiscuous mode..

    But this kind of issues should be addressed to our support team,

    Thanks

  • Avatar
    Dariel Núñez Llerena

    Hi!! I have something like the picture of the Configuration Example, BUT... on the entrance of the External Net I have another EFW protecting this subnet. My problem is that the users of this subnet can´t access to internet. what I have to do in order to grant access to internet to the users of this subnet?

     

    Thanks a lot...

  • Avatar
    Ruben Guerra Nina

     

     have 5 vlans 10.1.XX/16--10.2.0.X/24--10.1.0.X/24 emerging internet gateway (lan192.168.0.3/wan 172.16.1.44), the jump in the switch suguiente is the 192.168.0.3.any reference to the route add?. I have endian 3.0