06-15-2009, 08:40 PM
trollvottel
Senior Schall und Rauch Member
 
Join Date: Nov 2008
Posts: 256

Hello, I'll try to help you.

I assume your setup looks like this:

WAN (Red) -- [ASG] -- LAN INT -- [Cisco] -- LAN LAB

Your routing setup (LAN LAB via Cisco) on the ASG looks nearly correct, but you should remove the "bound to internal" from the Gateway Network Definition. Also, please check the packet filter settings on the ASG (ICMP traffic, which is needed for traceroute, is limited by default).

Be aware that response traffic for LAN INT coming from LAN LAB will be delivered directly to the clients in LAN INT by the Cisco.

Your setup will also trigger ICMP redirect messages because there is a better route for LAN LAB (directly through the Cisco).

This is not a secure setup if you really want to securely limit communication between LAN INT and LAN LAB.
__________________
"Data highway: facility for the fast transmission of large amounts of data (e.g. over the telephone network)" (DUDEN, 21st edition)

Mario Schmidt
QA Engineer
Astaro AG
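
A small routing model of the topology described in the post above, added here as an illustration and not part of the original post. All IP addresses, interface names and node names are constructed assumptions; the model traces the forward and return paths and applies the RFC 1812 condition for sending an ICMP redirect.

```python
import ipaddress as ip

# Constructed addressing for the topology in the post (not from the thread).
LAN_INT = ip.ip_network("192.168.1.0/24")
LAN_LAB = ip.ip_network("192.168.2.0/24")
ANY = ip.ip_network("0.0.0.0/0")

# node -> interface addresses and routes as (network, next_hop or None, iface).
# The ASG's WAN side is left out; only the internal leg matters here.
NODES = {
    "client":  {"addrs": {"eth0": "192.168.1.10"},
                "routes": [(LAN_INT, None, "eth0"), (ANY, "192.168.1.1", "eth0")]},
    "ASG":     {"addrs": {"internal": "192.168.1.1"},
                "routes": [(LAN_INT, None, "internal"),
                           (LAN_LAB, "192.168.1.254", "internal")]},
    "Cisco":   {"addrs": {"int": "192.168.1.254", "lab": "192.168.2.1"},
                "routes": [(LAN_INT, None, "int"), (LAN_LAB, None, "lab")]},
    "labhost": {"addrs": {"eth0": "192.168.2.10"},
                "routes": [(LAN_LAB, None, "eth0"), (ANY, "192.168.2.1", "eth0")]},
}
OWNER = {a: n for n, d in NODES.items() for a in d["addrs"].values()}

def lookup(node, dst):
    """Longest-prefix match; returns (next_hop_ip, egress_iface)."""
    dst = ip.ip_address(dst)
    hits = [r for r in NODES[node]["routes"] if dst in r[0]]
    _, hop, iface = max(hits, key=lambda r: r[0].prefixlen)
    return (hop or str(dst)), iface

def path(src_node, dst):
    """Names of the nodes a packet visits from src_node to address dst."""
    hops, node = [src_node], src_node
    while OWNER[dst] != node:
        nxt, _ = lookup(node, dst)
        node = OWNER[nxt]
        hops.append(node)
    return hops

def sends_redirect(router, ingress_iface, src, dst):
    """RFC 1812: packet leaves on the interface it arrived on, and the
    sender sits in the same subnet as the next hop."""
    _, egress = lookup(router, dst)
    net = next(r[0] for r in NODES[router]["routes"]
               if r[2] == egress and r[1] is None)
    return egress == ingress_iface and ip.ip_address(src) in net
```

The request from LAN INT crosses the ASG, but the reply from LAN LAB does not, so the ASG's packet filter sees only one direction of each flow.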