Setting permanent default gateway in OEL 6
Hello,
how can a default gateway be set permanently in OEL6?
At the moment I am setting iit manually every time the machine or the network service is restarted:
$ /sbin/route add -net default gw IPADDRESSThanks on advance.
Angel
Hi again,
looks like we managed to achieve the target following the steps in section 4.4 of the Deployment manual at http://linux.oracle.com/documentation/EL6/Red_Hat_Enterprise_Linux-6-Deployment_Guide-en-US.pdf. The link you provided was pointing to Development manual.
I created a file /etc/sysconfig/network-scripts/route-bond0.764 with the following content:
0.0.0.0/0 via 10.7.79.250 dev bond0.764Using the "network/netmask" format. That way it works all right:
$netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.7.79.250 0.0.0.0 UG 0 0 0 bond0.764Just for FYI, first of all I tried with the following content:
default 10.7.79.250 dev bond0.764But when bouncing the network service, I was getting this error:
Bringing up interface bond0.764: Error: either "to" is a duplicate, or "10.7.79.250" is a garbage.'Not sure which was the reason for this error anyway.
Looks like when using channel bonding, gateway specification in the usual files (/etc/sysconfig/network or /etc/sysconfig/network-scripts/ifcfg-bond* ) makes no effect for any reason.
Let me know if I can do something to find out why it makes no effect.
Thanks a lot for you help.
Angel
Let me know if I can help
Similar Messages
-
How to set two default gateway
Hi
I have following config on my Solaris 10 SunFireT2000 box
[root@sun4] ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
e1000g0: flags=1000863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 192.168.10.4 netmask ffffff00 broadcast 192.168.10.255
ether 0:14:4f:aa:77:10
e1000g0:1: flags=4001000862<BROADCAST,NOTRAILERS,RUNNING,MULTICAST,IPv4,DUPLICATE> mtu 1500 index 3
inet 192.168.10.14 netmask ffffff00 broadcast 192.168.10.255
e1000g1: flags=1000863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.20.3 netmask ffffff00 broadcast 192.168.20.255
ether 0:14:4f:aa:77:11
[root@sun4] cat /etc/defaultrouter
192.168.10.1
As seen, I have added only one entry in default router for 192.168.10.0 subnet and added other with command route add "192.168.20.0/24 192.168.20.1"
The problem: I can not connect the machine from the subnet other than 192.168.10.0 subnet. kindly help me with the correct way to set my network config.
Edited by: Mukesh.Prajapati on Sep 26, 2008 12:39 AMMukesh.Prajapati wrote:
Hi
I have following config on my Solaris 10 SunFireT2000 box
[root@sun4] ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
e1000g0: flags=1000863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 192.168.10.4 netmask ffffff00 broadcast 192.168.10.255
ether 0:14:4f:aa:77:10
e1000g0:1: flags=4001000862<BROADCAST,NOTRAILERS,RUNNING,MULTICAST,IPv4,DUPLICATE> mtu 1500 index 3
inet 192.168.10.14 netmask ffffff00 broadcast 192.168.10.255
e1000g1: flags=1000863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.20.3 netmask ffffff00 broadcast 192.168.20.255
ether 0:14:4f:aa:77:11
[root@sun4] cat /etc/defaultrouter
192.168.10.1Can you show the current routing table? (netstat -nr)
As seen, I have added only one entry in default router for 192.168.10.0 subnet and added other with command route add "192.168.20.0/24 192.168.20.1"Well the second one isn't a "default route", and it shouldn't be necessary to do at all. The system will bring up a route for the subnet as soon as the interface is brought up.
Darren -
Setting default gateway in subnetted network
I have a /24 that i have been using as 2 x/25. Recently i was asked to subnet the network into 1x /27, 3x /28 and 1x /30. Previously I just had one default gateway. Now how will I set the default gateway for all these subnets?
Hi ,
Yes if you want to route the traffic between subnets ,then you need gateway to defined on your network elements (router /L3 switches) .
After breaking into number of subnets , ensure you have created appropriate vlan on layer 2 switch if applicable , Switch port access accrodingly .
Use Subnet calculator
https://www.cisco.com/cgi-bin/Support/IpSubnet/home.pl
HTH
sandy -
How to setup default gateway in a DHCP client. The default gateway will be the Ip address of the server that has RRAS installed, hence routing cabalities.
Hi Bill,
Thank you for replying back...Yes, I was actually asking how do you set the default gateway address on the DHCP server?,
I believe I got the answer below:
To configure the DHCP default gateway option Click Start, point to Administrative Tools and then click DHCP. In the console tree, expand the applicable DHCP server, expand IPv4, and then right-click Scope Options Click Configure Options, check 003
Router, type the applicable Server name and IP address, and then click OK.
Thank you -
I have a few languages installed, and Firefox's spellcheck seems to decide which language to use ''at random''. So I have to keep manually selecting the language I want. 99% of the time I want English. So how can I set English as a permanent default language, and leave the manual selection for those infrequent occasions when I want another language spellchecked?
Firefox should store the last used dictionary in the spellchecker.dictionary pref that you can check on the about:config page.
*http://kb.mozillazine.org/about:config
If you do not keep changes after a restart then see:
*http://kb.mozillazine.org/Preferences_not_saved
*https://support.mozilla.org/kb/Preferences+are+not+saved
Start Firefox in <u>[[Safe Mode|Safe Mode]]</u> to check if one of the extensions (Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance).
*Do not click the Reset button on the Safe mode start window or otherwise make changes.
*https://support.mozilla.org/kb/Safe+Mode -
How to set the default route on a RVS4000 to point to a gateway in the LAN
Hi
The dialog in the RVS4000 for static routes does not allow to set the default route to point to a gateway in the LAN. Clearly this is either a bug or a feature of the web-interface and not a restriction of the box, which runs some kind of linux. So my question is there a way around this problem rather then defining routes to n-class A networks to cover the internet? Like a terminal access to set the default route?
Thanks and cheers
FrankHi David
Thanks for your reply. I did already the first part and it seems that I presumed wrongly that the RVS4000 can be used as a layer 3 switch, instead it is only a 1-port gateway. Not that there is a technical limitation from the hardware or the OS of the box. It does layer 3 routing e.g. for its VLAN's. The only point to stop it from having the capability which I expect from something called router is to set its default route to the right gateway independant which port might be connected. The reason why I want a LAN port pointing to the gateway and do not use the WAN port without firewall is of course the VLAN capability of the LAN ports. The idea of the RVS is to bundle two nets, including the one where the gateway is on, and send it to a WAP4410N box, which nicely makes them wireless with different SSID's. Actually I have two ports connetced to the core network, if I am forced to have only the WAN port connected to the core, due to this artificial limitation, I would have to reconfigure a bit. Therefore I try to find an easier solution setting the route by "hand".
Cheers Frank -
Setting up IP,Subnet, default gateway and secondary gateway in solaris 10 x
Hi,
I am new to solaris.
I have instralled solaris10 x86 on my system.
I am not able to access internet as i am not able to setup address.
I use broadband and have static ip address.
How do i configure them...
ip, subnet, default gateway, and secondary gateway.
Thanks in advance.run sys-unconfig and after reboot set the parameters (IP, etc)
What do you mean second gateway? -
I have created two Virtual machine of windows server 2008 R2 (VM1 & VM2 respectively). I am configuring domain controller on VM1 and VM2 will be my member server.
My Host system is windows 7 and my ISP does NOT provide me with a static IP.
When I configure domain controller on VM1 it asks me to configure static IP address first. I have given 10.0.0.2 as a static IP on VM1 and the default value of subnet mask is populated.
For preferred DNS and Alternate DNS server I have given the same static IP address (i.e 10.0.0.2).
Note - As am planning to use the local computer (i.e VM1) as my preferred DNS and alternate DNS.
Q1) What should I set as the 'default gateway' on VM1 ?
Q2) Once I've set up the domain controller, can I configure DHCP server on VM1 and assign IP to VM2 ?
Q3) VM2 being a (domain)member server, can we assign static IP to it ? If yes What would be the values in gateway, Preferred DNS and Alternate DNS field ?Thanks for answers. Doing this configuration for first time this is little confusing for me.
@Milos
Step No. 15 says
"If you do not have static IPv4 and IPv6 addresses assigned to your network adapters, a warning message might appear advising you to set static addresses for both of these protocols before you can continue."
The warning message did appear.
Before I start to configure Active Directory Domain Services, I
will have to provide a static IP to the system. Correct?
I have two virtual machines (windows server 2008 R2) running on my VMware workstation. I do not require two domain controllers, my requirement is the first virtual machine (i.e VM1) should be the domain controller and the second virtual machine (i.e VM2) should
me a domain member server (NOT a domain controller or a child domain)
As you have explained, that Before you run DCPROMO,
there is following configuration:
IP address 10.0.0.2
MASK 255.0.0.0
Deafault gateway 10.0.0.1 if
this is IP address of ryour outer.
Preferred DNS 10.0.0.2
I would like to understand, is this what you mean by having a static IP ?
I am pasting three screenshot below,
1st) ipconfig of my host system. -
I have a LAG with two VLANs in it.
Setup
VLAN 1 (Untaged default) is connected to the '192.168.11.x', which connects to the "10.1.10.x", which connects to the internet.
VLAN 3 (Tagged) is connected directly to "10.1.10.x" which connects to the internet.
Situation;
When both VLAN3 and VLAN1 are up, default gateway is 192.168.11.1
When VLAN1 is down, default gateway is 10.1.10.1
*Desired configuration;*
How do I make the VLAN3 interface the default, or the directly attached network of 10.1.10.x the default, when it is enabled?
I have tried this, but must be missing something;
+kevin-cossaboons-mac-pro:~ kevincossaboon$ sudo route -nv add -net 0.0.0.0 10.1.10.1+
Password:
+u: inet 0.0.0.0; u: inet 10.1.10.1; RTM_ADD: Add Route: len 128, pid: 0, seq 1, errno 0, flags:<UP,GATEWAY,STATIC>+
+locks: inits:+
+sockaddrs: <DST,GATEWAY,NETMASK>+
+default 10.1.10.1 default+
+route: writing to routing socket: File exists+
+add net 0.0.0.0: gateway 10.1.10.1: File exists+
+kevin-cossaboons-mac-pro:~ kevincossaboon$ netstat -r+
+Routing tables+
Internet:
+Destination Gateway Flags Refs Use Netif Expire+
+default 192.168.11.1 UGSc 30 171 bond0+
+10.1.10/24 link#13 UCS 3 0 vlan0+
+10.1.10.1 0.13.f7.af.e7.e6 UHLW 0 93 vlan0 995+
+10.1.10.13 0.18.39.3b.42.95 UHLW 0 26 vlan0 178+In your network preferences click the cog wheel and choose set service order. Then drag vlan3 to the top of the list.
-
Set default gateway on headless server (via ssh)
I'm trying to configure one of the two ethernet interfaces on a headless Xserve. I managed to give it an address and subnet mask with ifconfig, but I can't figure out how to give it a default gateway or dns server.
I tried using this:
sudo route add default gw xxx.xxx.xxx.xxx en0
but I got the error 'route: bad address: gw'
is there something wrong with my syntax, or does this just not work on OS X?Something's wrong with your syntax
Try:
<pre class=command>sudo route add default a.b.c.d</pre>
The keyword 'gw' is not needed, and you also don't need to specify an interface since the OS should be able to work it out from the IP address(es) assigned to your interface(s). -
Wrt54g default gateway setting
I am looking to use my wrt54g router with my FIOS and Actiontec router/modem. Both use the same default gateway. How do I change the default gateway on my wrt54g from 192.168.1.1 to 192.168.1.0?
When I open up this address with IE and the Linksys setup pages come up there is no place to change the default gateway. Any suggestions?
thank you in advance
JohnAre you trying to change the IP of your router? If so, that should be on the first page that comes up when you login to the router. I'm confused by you saying that you want to change the "default gateway."
-
The Default Gateway Is Not Available / Problem
Hello, I recently purchased this HP Pavileon laptop, and I've been encountering this problem very often (every 2-10 minutes). This problem is getting extremely frustrating as absolutely nobody has been able to provide a fix for this issue.
When the laptop is on battery mode (this does not happen when plugged in); I commonly get disconnected from my wi-fi connection and to fix it, I must run the troubleshooter. This temporarily fixes the issue by resetting the wi-fi adapter.
What I have tried and has not worked:
* Turn off to save power option in the driver settings (in Device Manager) untickets
* Updated drivers
* New power plan
* Tried different drivers
* Complete system restore
The wireless adapter is Realtek RTL 8188EE. Upon running the troubleshooter, this is all the information from the detailed information section:
Windows Network Diagnostics
Publisher details
Issues foundThe default gateway is not available
The default gateway is not availableThe default gateway is a device that connects a local network or computer to the Internet. A broadband modem or router is usually the default gateway.
Fixed
Reset the "WiFi" adapter
Completed
Investigate router or broadband modem issues
Not run
Issues found
Detection details
6The default gateway is not availableFixed
The default gateway is a device that connects a local network or computer to the Internet. A broadband modem or router is usually the default gateway.
Reset the "WiFi" adapterCompleted
This can sometimes resolve an intermittent problem.
Network Diagnostics LogFile Name: 2D0FE1F0-C2C2-43B5-A857-2D2B3C4B8A51.Repair.1.etl Investigate router or broadband modem issuesNot run
If you're connected to a hotspot or domain network, contact the network administrator. Otherwise: 1. Unplug or turn off the device. 2. Once all the lights on the device are off, wait at least 10 seconds. 3. Turn the device on or plug it back in to the power outlet. To restart a router or modem that has a built-in battery, press and quickly release the Reset button.
Detection details
Diagnostics Information (Network Adapter)
Details about network adapter diagnosis:
Network adapter WiFi driver information:
Description . . . . . . . . . . : Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter
Manufacturer . . . . . . . . . : Realtek Semiconductor Corp.
Provider . . . . . . . . . . . : Realtek Semiconductor Corp.
Version . . . . . . . . . . . : 2012.2.827.2013
Inf File Name . . . . . . . . . : C:\WINDOWS\INF\oem8.inf
Inf File Date . . . . . . . . . : 12 September 2013 10:17:00
Section Name . . . . . . . . . : HP8188ee.ndi
Hardware ID . . . . . . . . . . : pci\ven_10ec&dev_8179&subsys_197d103c
Instance Status Flags . . . . . : 0x180200a
Device Manager Status Code . . : 0
IfType . . . . . . . . . . . . : 71
Physical Media Type . . . . . . : 9
Diagnostics Information (Wireless Connectivity)
Details about wireless connectivity diagnosis:
Information for connection being diagnosed
Interface GUID: 7c04789b-0b43-472c-abd6-a84cb31e9053
Interface name: Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter
Interface type: Native WiFi
Connection incident diagnosed
Auto Configuration ID: 1
Connection ID: 1
Connection status summary
Connection started at: 2014-07-24 04:19:49-759
Profile match: Success
Pre-Association: Success
Association: Success
Security and Authentication: Success
List of visible access point(s): 0 item(s) total, 0 item(s) displayed
Connection History
Information for Auto Configuration ID 1
List of visible networks: 1 item(s) total, 1 item(s) displayed
BSS Type PHY Security Signal(RSSI) Compatible SSID
Infra <unknown> Yes 100 Yes Matt
List of preferred networks: 1 item(s)
Profile: Matt
SSID: Matt
SSID length: 4
Connection mode: Infra
Security: Yes
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: Yes
Information for Connection ID 1
Connection started at: 2014-07-24 04:19:49-759
Auto Configuration ID: 1
Profile: Matt
SSID: Matt
SSID length: 4
Connection mode: Infra
Security: Yes
Pre-Association and Association
Connectivity settings provided by hardware manufacturer (IHV): No
Security settings provided by hardware manufacturer (IHV): No
Profile matches network requirements: Success
Pre-association status: Success
Association status: Success
Last AP: 98-fc-11-88-61-b8
Security and Authentication
Configured security type: WPA2-PSK
Configured encryption type: CCMP(AES)
802.1X protocol: No
Key exchange initiated: Yes
Unicast key received: Yes
Multicast key received: Yes
Number of security packets received: 0
Number of security packets sent: 0
Security attempt status: Success
Connectivity
Packet statistics
Ndis Rx: 34302
Ndis Tx: 32619
Unicast decrypt success: 0
Multicast decrypt success: 0
Unicast decrypt failure: 0
Multicast decrypt failure: 0
Rx success: 0
Rx failure: 0
Tx success: 0
Tx failure: 0
Tx retry: 0
Tx multiple retry: 0
Tx max lifetime exceeded: 0
Tx ACK failure: 0
Roaming history: 0 item(s)
Diagnostics Information (Wireless Connectivity)
Details about wireless connectivity diagnosis:
For complete information about this session see the wireless connectivity information event.
Helper Class: Auto Configuration
Initialise status: Success
Information for connection being diagnosed
Interface GUID: 7c04789b-0b43-472c-abd6-a84cb31e9053
Interface name: Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter
Interface type: Native WiFi
Result of diagnosis: There may be problem
Diagnostics Information (Wireless Network Adapter)
Details about wireless network adapter diagnosis:
For complete information about this session see the wireless connectivity information event.
Helper Class: Native WiFi MSM
Initialise status: Success
Information for connection being diagnosed
Interface GUID: 7c04789b-0b43-472c-abd6-a84cb31e9053
Interface name: Realtek RTL8188EE 802.11b/g/n Wi-Fi Adapter
Interface type: Native WiFi
Profile: Matt
SSID: Matt
SSID length: 4
Connection mode: Infra
Security: Yes
Connect even if network is not broadcasting: No
Result of diagnosis: There may be problem
Network Diagnostics LogFile Name: 2D0FE1F0-C2C2-43B5-A857-2D2B3C4B8A51.Diagnose.0.etl
Other Networking Configuration and LogsFile Name: NetworkConfiguration.cab Collection information Computer Name: LAPTOP Windows Version:6.3Architecture:x64Time:24 July 2014 04:34:47
Windows Network Diagnostics Detects problems with network connectivity. Package Version:1.0Publisher:Microsoft WindowsRun the HP Support Asssitant's Tune up application. There should be a new BIOS available. sp66866
Have you installed the latest Windows 8.1 updates?
Do not install optional video graphics updates.
I was runnning into a similar problem with my HP product loan Envy Spectre 13 TouchSmart Ultrabook until I did the updates. I had upgraded my wireless router to a model with 802.11AC specification.
Invoke the Device Manager and ensure that the box next to Allow this computer to turn off this device to save power is unchecked.
****Please click on Accept As Solution if a suggestion solves your problem. It helps others facing the same problem to find a solution easily****
2015 Microsoft MVP - Windows Experience Consumer -
Can you set a default "Reply-To:" on a per account basis?
I have two accounts set up in Apple Mail. One is a work account, and the other is my personal iCloud account.
For my personal emails, I would prefer to have any replies directed to an "email-for-life" address. My college alumni association has a service, which is essentially an email forwarder. The beauty of this is that I am not tied to a particular ISP such as iCloud, mobileme, .mac, etc. If I change ISPs, I only have to update the infomation on the forwarding system rather that letting all my personal contacts know that my email address has changed. For them, my permanent email address is of the form "<firstname.lastname>@<college>.alumni.edu". As such, I cannot use that address as my "From" address, as mosts ISP requirethe From address for authentication. I suppose this helps prevent spoofing.
I have seen instructions for setting a Default "Reply-To:" address in Apple Mail by setting the UserHeaders in Mail prefs via a Terminal window:
To set: Enter the following in a terminal window:
defaults write com.apple.mail UserHeaders '{"Reply-To:"="[email protected]";}'
To review settings: Enter the following in a terminal window:
defaults read com.apple.mail UserHeaders
To clear settings: Enter the following in a terminal window:
defaults delete com.apple.mail UserHeaders
My problem is that this sets the default for all email accounts in Apple Mail. I only want to do this for my personal email account. I want emails sent from my work account to reply to the work email addresss.
Is there a setting on the defaults write ... command such that I can apply the UserHeaders to only one account?
Regards,
TimWhat you could do is first rename the record to be imported
IMPORT SOURCE_TBL AS PS_SOURCE_TBL_ORG;
Then write a insert/select script from PS_SOURCE_TBL_ORG to PS_SOURCE_TBL defaulting column EXCHANGE_RATE_OPTN
Insert into PS_SOURCE_TBL (COLUMN,COLUMN,COLUMN,COLUMN, EXCHANGE_RATE_OPTN)
select PS_SOURCE_TBL_ORG (COLUMN,COLUMN,COLUMN,COLUMN, 'defaultvalue');
And then drop table PS_SOURCE_TBL_ORG to clean up your database. -
Hi,
I am trying to disable updates, set as default browser option and import settings from other browers permanently for many users for firefox 31.0.
can you please help me with that. I know settings are going to prefs.js file in user profile. How can make this permanent for many users.Hi gaurav3012,
Permanent change would be locking preferences: [http://kb.mozillazine.org/Locking_preferences]
However importing many users profiles to different computers may require a new profile for each user.
Currently there is an option to import bookmarks from other browsers, but not preferences.
Update preferences can be read about here: [[Configuration Options for Updates]]
Firefox ESR is also another version of Firefox that is meant for Enterprise environments [https://www.mozilla.org/en-US/firefox/organizations/] that mostly has their support on their mailing list. -
Default Gateway when connected to VPN
Thanks for reading!
This is probably a dump question so bear with me...
I have set up a VPN connection with a Cisco ASA 5505 fronting internet, with the customers environment behind it (on the same subnet), When connected ot the VPN I can reach the inside Router fronting me and one switch behind the Router (every switch is connected to the router), but nothing else.
My beet is that the Router is messing with my connection, but,, nevermind that!, the setup ain't complete anyway... my question is more related to the Gateway I'm missing when I'm, from the outside, is connected to the VPN on the ASA, could this mess it up? Shouldn't I have a Standard-Gateway in the ipconfig settings in windows?
This is who it looks like now:
Anslutningsspecifika DNS-suffix . : VPNOFFICE
IP-adress . . . . . . . . . . . . : 10.10.10.1
Nätmask . . . . . . . . . . . . . : 255.255.255.0
Standard-gateway . . . . . . . . :
The internal network is :
172.16.12.0 255.255.255.0
Below is my config for the ASA, thanks a lot!!!!!!!
!FlASH PÅ ROUTERN FRÅN BÖRJAN
!asa841-k8.bin
hostname DRAKENSBERG
domain-name default.domain.invalid
enable password XXXXXXX
names
interface Vlan1
nameif inside
security-level 100
ip address 172.16.12.4 255.255.255.0
interface Vlan10
nameif outside
security-level 0
ip address 97.XX.XX.20 255.255.255.248
interface Ethernet0/0
switchport access vlan 10
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone CEST 1
clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
dns server-group DefaultDNS
domain-name default.domain.invalid
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
access-list nonat extended permit ip 172.16.12.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list MSS_EXCEEDED_ACL extended permit tcp any any
access-list VPN-SPLIT-TUNNEL remark VPN SPLIT TUNNEL
access-list VPN-SPLIT-TUNNEL standard permit 172.16.12.0 255.255.255.0
tcp-map MSS-MAP
exceed-mss allow
pager lines 24
logging enable
logging timestamp
logging buffer-size 8192
logging console notifications
logging buffered notifications
logging asdm notifications
mtu inside 1500
mtu outside 1500
ip local pool VPN 10.10.10.1-10.10.10.40 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
asdm image disk0:/asdm-625-53.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 172.16.12.0 255.255.255.0
route outside 0.0.0.0 0.0.0.0 97.XX.XX.17 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 172.16.12.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 172.16.12.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
group-policy VPNOFFICE internal
group-policy VPNOFFICE attributes
dns-server value 215.122.145.18
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN-SPLIT-TUNNEL
default-domain value VPNOFFICE
split-dns value 215.122.145.18
msie-proxy method no-proxy
username admin password XXXXXX privilege 15
username Daniel password XXXXX privilege 0
username Daniel attributes
vpn-group-policy VPNOFFICE
tunnel-group VPNOFFICE type remote-access
tunnel-group VPNOFFICE general-attributes
address-pool VPN
default-group-policy VPNOFFICE
tunnel-group VPNOFFICE ipsec-attributes
pre-shared-key XXXXXXXXXX
class-map MSS_EXCEEDED_MAP
match access-list MSS_EXCEEDED_ACL
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect icmp error
inspect pptp
inspect ipsec-pass-thru
inspect icmp
class MSS_EXCEEDED_MAP
set connection advanced-options MSS-MAP
service-policy global_policy global
privilege cmd level 3 mode exec command perfmon
privilege cmd level 3 mode exec command ping
privilege cmd level 3 mode exec command who
privilege cmd level 3 mode exec command logging
privilege cmd level 3 mode exec command failover
privilege cmd level 3 mode exec command packet-tracer
privilege show level 5 mode exec command import
privilege show level 5 mode exec command running-config
privilege show level 3 mode exec command reload
privilege show level 3 mode exec command mode
privilege show level 3 mode exec command firewall
privilege show level 3 mode exec command asp
privilege show level 3 mode exec command cpu
privilege show level 3 mode exec command interface
privilege show level 3 mode exec command clock
privilege show level 3 mode exec command dns-hosts
privilege show level 3 mode exec command access-list
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command vlan
privilege show level 3 mode exec command ip
privilege show level 3 mode exec command ipv6
privilege show level 3 mode exec command failover
privilege show level 3 mode exec command asdm
privilege show level 3 mode exec command arp
privilege show level 3 mode exec command route
privilege show level 3 mode exec command ospf
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode exec command eigrp
privilege show level 3 mode exec command crypto
privilege show level 3 mode exec command vpn-sessiondb
privilege show level 3 mode exec command ssh
privilege show level 3 mode exec command dhcpd
privilege show level 3 mode exec command vpnclient
privilege show level 3 mode exec command vpn
privilege show level 3 mode exec command blocks
privilege show level 3 mode exec command wccp
privilege show level 3 mode exec command webvpn
privilege show level 3 mode exec command module
privilege show level 3 mode exec command uauth
privilege show level 3 mode exec command compression
privilege show level 3 mode configure command interface
privilege show level 3 mode configure command clock
privilege show level 3 mode configure command access-list
privilege show level 3 mode configure command logging
privilege show level 3 mode configure command ip
privilege show level 3 mode configure command failover
privilege show level 5 mode configure command asdm
privilege show level 3 mode configure command arp
privilege show level 3 mode configure command route
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege show level 3 mode configure command crypto
privilege show level 3 mode configure command ssh
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
privilege clear level 3 mode exec command dns-hosts
privilege clear level 3 mode exec command logging
privilege clear level 3 mode exec command arp
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode exec command crypto
privilege cmd level 3 mode configure command failover
privilege clear level 3 mode configure command logging
privilege clear level 3 mode configure command arp
privilege clear level 3 mode configure command crypto
privilege clear level 3 mode configure command aaa-server
prompt hostname context
Cryptochecksum:aaa1f198bf3fbf223719e7920273dc2e
: endI didn't realise I had that crypto settings on, thanks my bad!!!
But... the 172.16.12.0 network is directly connected, the Router (that to be honest is a firewall) / switches is all on the same subnet (172.16.12.X/24), so sorry I didn't explain thoroughly, was more wondering about the GW and didn't want to overcomplicate things..
The Firewall/Router dosen't do any routing, so it should work right (I you count out the firewalling in the firewall and so forth, there shouldn't be any problems accomplishing this with the ASA)? The Firewall is more a DHCP for the clients/Firwall for the clients.. this will change in the future.. it will be removed,
the vpn network is staticly routed back to my ASA in that firewall...
I don't like this solution.. but this is who it looks.. for now..
(VPN network is 10.10.10.X/24)
But... shouldn't I see a default gateway under ipconfig when I'm connected to the VPN from internet, on the vpn client that's vpned in, is this correct?
THANKS for all the help!
Maybe you are looking for
-
Performance problems after EHP4
Hello, We have a small problem. After installing EHP4 for ERP and EHP1 for Netweaver 7 on AIX Oracle installation, an increase in dialog response time is reported. We upgraded last September 2009, and from then and to now, we have gone from an averag
-
Exported audio is same size of original video, after video'ss been cut
I have a 1.2GB video file, and its audio file is about 500MB. If I cut the video into pieces in iMovie, they get smaller, but the extracted audio piece is always 500MB. Is there any way around this ? Is it possible to split a video in QuickTime ? I w
-
Digital Signatures not enabled in Reader 8
I have created a form in LiveCycle Designer 8 and I have used the Digital Signature feature, but when the end user opens it up in Reader 8 they are unable to sign the document. Am I missing something is the creation side of it?
-
Problems creating Datasource in Weblogic for E-biz R12 DB
Hi, I've got an instance of E-Business Release 12 on a 10.2.0.2.0 DB which I am trying to create a Datasource and connection pool for in Weblogic Server 11g. I have successfully set up connections for other DB's but I am unable to connect to this Ebi
-
I lost all my data after clicking F11
Hi everybody! I have lost all my data when I clicked F11 and factory recovery was executed. Is there any way to return back the data? They are very important. They were all my data, very important including all data from university - for more than