11 August 2010

Static Routes 101 -P

When configuring perimeter devices such as TMG, UAG or ISA, you normally have two network cards per device.

Typically one is connected to your Internal network and the other is connected to the Internet or External network.

When we manually assign settings to a network card, they are normally:

Static IP Address
Subnet
Default gateway

DNS server 1
DNS server 2

When we have two network cards on different networks, we cannot have more than one default gateway, since the point of the default is to "send it there if you don't know where to send it".

Okay, so how does it know where to send traffic in the first place? Routing tables.

Routing tables are automatically built as the machine sends and receives data to various networks. If there is no route in the routing table, it sends the traffic through the default gateway. To ensure all traffic is routed correctly, you need to specify your default gateway on your external NIC.

Here is a typical setup. Your internal network is the 10.x.x.x range, and you want to ensure all traffic to this range is routed to the internal NIC (10.122.10.50).

From the command prompt you will need to use the route command.

route print -- shows all the current routes.
route add / route delete -- adds or removes routes.
 -f  Flushes the routing tables.
 -p  If used with ADD, makes the route persistent.

Typically you will use the following command:

route add 10.0.0.0 MASK 255.0.0.0 10.122.10.50 -P

If you do a route print now, you will see that a static persistent route has been added. This means that all traffic destined for the 10.x.x.x range will be sent through your internal NIC.
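
The two conditions described above (a single default gateway, set on the external NIC, and a persistent route for the internal range) can be checked with a read-only PowerShell script. This is an added example, not part of the original post; it assumes the 10.0.0.0/8 internal range used in the post and reads the WMI classes Win32_NetworkAdapterConfiguration, Win32_IP4RouteTable and Win32_IP4PersistedRouteTable.

```powershell
# Added example, not from the original post. Read-only audit of a dual-homed host.
# Assumption: the internal range is 10.0.0.0/8, as in the post's example.
$internalDest = '10.0.0.0'
$internalMask = '255.0.0.0'
$problems = @()

# 1. Only one adapter (the external one) should carry a default gateway.
$gatewayNics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    Where-Object { $_.DefaultIPGateway })
foreach ($nic in $gatewayNics) {
    '{0}: IP {1}, default gateway {2}' -f $nic.Description,
        ($nic.IPAddress -join ','), ($nic.DefaultIPGateway -join ',')
}
if ($gatewayNics.Count -ne 1) {
    $problems += "Expected 1 adapter with a default gateway, found $($gatewayNics.Count)"
}

# 2. The active routing table should hold exactly one 0.0.0.0/0.0.0.0 route.
$defaults = @(Get-WmiObject Win32_IP4RouteTable |
    Where-Object { $_.Destination -eq '0.0.0.0' -and $_.Mask -eq '0.0.0.0' })
if ($defaults.Count -ne 1) {
    $problems += "Expected 1 default route, found $($defaults.Count)"
}

# 3. The internal range needs a persistent (-p) route; a non-persistent one is lost at reboot.
$persisted = @(Get-WmiObject Win32_IP4PersistedRouteTable |
    Where-Object { $_.Destination -eq $internalDest -and $_.Mask -eq $internalMask })
if ($persisted.Count -eq 0) {
    $problems += "No persistent route for $internalDest mask $internalMask"
} else {
    $persisted | ForEach-Object { "Persistent: $($_.Destination) mask $($_.Mask) via $($_.NextHop)" }
}

# Report: warnings for each mismatch, or a single confirmation line.
if ($problems.Count) { $problems | ForEach-Object { Write-Warning $_ } }
else { 'Routing matches the single-default-gateway layout.' }
```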

Here is an example of what my lab looks like.
