?
Solved

WatchGuard Firebox 700 reconfig error

Posted on 2003-11-24
3
Medium Priority
?
499 Views
Last Modified: 2013-11-16
Hi all...

I have a problem in reconfig my watchguard firebox. once I submit the config to firebix, below error message appear..

- default route indentical to external ip
- Address * appears both as a network and interface address
- invalid default route : not on external net

pls advise, thanks...
applecow

mycase:
Internet 203.194.128.xxx ZyXEL modem(192.168.1.1)
ZyXEL Modem connected to Firebox 700 external
Firebox 700 connected to switch
switch connected to server(192.168.1.10) and client station




0
Comment
Question by:cowapple
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 9818853
On your Firewall, you have specified the default Gateway as the same Address you specified for the external interface.   They cannot be the same.  

Plus, from your definition, it seems that you have the same subnet defined for the internal and external nets.  

Internet 203.194.128.xxx
|
(External IF)
ZyXel External Modem
(Internal IF 192.168.1.1)
|
(External IF)
Firebox 700
(Internal IF)
|
Switch
|
Server 192.168.1.10


If you look, you have the same subnet (unless you are subnetting but I doubt that) on the outside of your firewall as you have on the inside of your firewall.  THis is a no-no.  

Try assigning as follows
Internet 203.194.128.xxx
|
(External IF)
ZyXel External Modem
(Internal IF 192.168.1.1)
|
(External IF) 192.168.1.2 SM: 255.255.255.0 GW: 192.168.1.1
Firebox 700
(Internal IF) 192.168.2.1 SM: 255.255.255.0
|
Switch
|
Server 192.168.2.10 SM: 255.255.255.0 GW 192.168.2.1

Good luck
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10976337
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:

--> Accept: MikeKane

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

tim_holman
EE Cleanup Volunteer
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question