Solved

NetWare won't allow me to add a static route with a local IP address as the next hop

Posted on 2008-06-11
4
667 Views
Last Modified: 2013-12-25
We recently signed up with a new internet provider (Embarq Ethernet Services) who installed a switch and provided a WAN Gateway address that is in a completely different subnet than the IP address range they gave us for our equipment.  I need to set a default route up on our NetWare 6.5 sp4 server (which is also hosting Border Manager)  to use the new service.  Every time I add the route in INETCFG and "Reinitialize System" I receive the following error.

TCPIP-6.10-171:  xxx.xxx.xxx.xxx is a local address.  In the Static Route Configuration, the next hop for a remote route must not be a local address.

What makes this frustrating is the fact that I can- and have- configured both a Linux server and a Windows server successfully with the routes.

Below are examples of the addresses and routes that I've been working with (I changed the IP addresses so they are not real).

WAN Interface Gateway (provided by service provider) = 88.4.119.105 / 255.255.255.252
IP Address Range for our equipment (provided by service provider) = 88.4.117.208 / 255.255.255.240
IP Address of server = 88.4.117.210

As far a routes go, I've tried two different possiblities (both of which work on Windows and Linux).
1st Possiblity
                         Destination                   Mask                                NextHop
                         0.0.0.0                         0.0.0.0                              88.4.117.210

2nd Possiblity
                        Destination                    Mask                                NextHop
                        88.4.119.105                255.255.255.255              88.4.117.210
                        0.0.0.0                          0.0.0.0                              88.4.119.105

Am I missing something major or is what I'm trying to do impossible on NetWare?

Thanks,
Will
0
Comment
Question by:bennettr8
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 19

Expert Comment

by:alextoft
ID: 21766520
Protocols -> TCP/IP -> LAN Static Routing Table (make sure it says "enabled" on the line above -> Insert -> Default Route.

Then just put the gateway address in as the next hop. Don't be using "Network" or "Host" as the route type. Providing your server has an IP on the same subnet as the default route address it will work.
0
 

Author Comment

by:bennettr8
ID: 21771625
alextoft,

The last sentance in your comment is the crux of the problem.  IP of the server is not in the same subnet as the default route address.

Will
0
 
LVL 35

Accepted Solution

by:
ShineOn earned 500 total points
ID: 21788044
What are you using for a router?  The router should have a "private" address in the subnet range the provider gave for your network, and the "public" address should be on the subnet they gave for the "wan gateway."

My guess is the router is being picked up by the other systems you've tried this on, and passing the route through to the WAN gateway address for them.

As I've mentioned before in various questions when trying to connect NetWare, it's a secure system by nature.  It doesn't automatically allow traffic to networks it doesn't "know" about, which is why I asked about the router.  If the BorderManager server is supposed to be the router, then its public IP should be on the subnet given for the WAN gateway, but since your testing with Windows and Linux seem to function otherwise, my guess is that the WAN gateway address is on the public side of some piece of equipment that's got a private-side address in the 88.4.117.208 / 255.255.255.240 range.

Did you assign all of your equipment addresses in your new range, or were you assigning your test Windows and Linux boxes public IP's just for testing?

BorderManager doesn't secure anything if you put everything on the public network, because you're bypassing it if you do.
0
 

Author Closing Comment

by:bennettr8
ID: 31466252
Thanks ShineOn.  After 4 phone calls and spending a few hours on hold with the provider I got the rest of the information I needed.

I was assigning the public IP's to the Windows and Linux boxes for testing.

Thanks again!
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question