The possibility that the tap address is the correct route rather than the firewall's internal address never occurred to me. That may very well be the problem.
Windows 2003 DHCP supports pushing route information via DHCP. We need that to support split routes due to VLANs. Endian's DHCP cannot do that (or at least I didn't see that option.) If it can I would happily use its DHCP. I'll take your suggestion and experiment with DHCP from Endian rather than Windows to collect the proper values. On a side note, I'm using 2.1.2 rather than 2.2b because it's the "stable" release. Would you advise that I move to 2.2b? Thanks, Lane > When the efw is the dns/dhcp provider, the correct routes > are pushed to the clients. > > We may not be adding the route correctly. For instance, > maybe it's not the correct gateway address - maybe that > address should be the tap address. One way to test would to > be having a remote workstation use the dns/dhcp service of > the efw, and then listing its routes. > > Of course, to do that, you'd have to disable dhcp on the > 2003 server temporarily... > > I had trouble with routes using 4 firewalls with a mix of > efw versions 2.1 and 2.1.2, and what I do is create the > correct routes is to connect the client server to the main, > but also create a connection from the main to the client. > > And by also having all workstations use the efw for > dns/dhcp, so they'll be fed the correct routing. > > When it's up properly, everyone can ping everyone, with > minimal or no changes to the workstations. (no need to edit > the hosts files, for example) > > I wouldn't think the old ipsec settings would interfere, but > I suppose its possible. ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
