According to the output from netstat it appears that qfe0 is your external
interface and hme0 is your internal network. You might want to switch
cables!!
-----Original Message-----
From: Francisco Rebelo [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 16, 2001 10:42 AM
To: 'Jason Witty'
Cc: Firewall-1 list (E-mail)
Subject: RE: [FW1] Solaris routing concern
Here is the output of the netstat -rn
Routing Table:
Destination Gateway Flags Ref Use Interface
---------------------------------------------------------------
10.1.1.0 10.1.1.2 U 3 0 HME0
205.147.224.128 205.147.224.190 U 2 0 QFE0
224.0.0.0 10.1.1.2 U 3 0 HME0
default 10.1.1.1 UG 0 0
127.0.0.1 127.0.0.1 UH 0 10 Lo0
-----Original Message-----
From: Jason Witty [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 16, 2001 10:17 AM
To: Francisco Rebelo
Cc: Firewall-1 list (E-mail)
Subject: Re: [FW1] Solaris routing concern
Okay, firstly here's some commands you should know:
"netstat -rn "
\\prints the current routing table
"route add 2.2.2.0 1.1.1.1 1 "
\\adds a static route for the 2.2.2.0/24 network pointing it to gateway
1.1.1.1 with a metric of 1
"route get 10.1.1.1"
\\show the route that a network will take
Usually what people do is put a default route in place, pointing to your
external interface's next hop router (this can be added by doing a
"route add default 3.3.3.3", and can be made permanent by putting the
gatewway address (3.3.3.3 in this case) into the /etc/defaultrouter
file.)
Also, tracerouting from the box itself would tell you much, but if you
want to use it, use it like "traceroute -i hme0 www.wittys.com",
specifying which itnerface you want to to leave through.
I'd suggest if you want more help from the list, do a "netstat -rn" and
post the output along with your next post.
Hope this helps.
Jason
Francisco Rebelo wrote:
>
> Sorry if this is not exactly on topic but I'm stuck...
>
> Here is my situation, I'm new to Solaris and I have a Sparc 220r with 1
HME
> NIC and 1 QFE NIC. This is the box I would like to put FW-1 on (actually
> this is about the 5th time I've started from scratch trying to get this to
> work). The FW-1 docs tell me to make sure the box routes properly before
> installing FW-1, that's my problem. HME0 is my external interface and
QFE0
> is my internal. (This is all currently in a test environment) I can, with
> my internal PC, ping the internal and external interfaces of the Solaris
box
> but cannot ping the pc off the external interface. If I'm on the Solaris
> box I can ping everything. When I do a traceroute on the Solaris box it
> warns me that multiple interfaces were detected and then uses the first
> interface it finds as the source regardless of where I'm routing to. I
> looks to me like it is completely ignoring the routing tables, is this
> normal or am I missing something?
>
> Cisco Rebelo
> Network Manager
> Millbrook Incorporated
>
>
============================================================================
====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
