Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 9189 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG (XG115, SFOS version 18.0.1) CLI add static route - problem with command - route add

Ole20

Hi there,

because I have to access to a remote new installed Sophos XG 115, i accessed via ssh form a neighbour firewall to the Sophos XG 115 for setting a few temporary static routes, before continue configuring with the web-GUI coming from an other network.

The follwing example is made on a Sophos XG 115 in an lab environment.

Im using the command route add.

THE PROBLEM:
The route add command is not working as I expected.

QUESTION:
What is the correct syntax?


EXAMPLE:

Main Menu
5. Device Management
3. Advanced Shell

1. Checking the current routes:

XG115_XN03_SFOS 18.0.1 MR-1-Build396# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
192.168.45.0 192.168.46.1 255.255.255.0 UG 0 0 0 br0
192.168.46.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.48.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2


2. Add the default route 0.0.0.0/0.0.0.0 to the routing table:

XG115_XN03_SFOS 18.0.1 MR-1-Build396# route add default gw 192.168.48.1
XG115_XN03_SFOS 18.0.1 MR-1-Build396# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.48.1 0.0.0.0 UG 0 0 0 Port2
10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
192.168.45.0 192.168.46.1 255.255.255.0 UG 0 0 0 br0
192.168.46.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.48.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2

-> This works as I expected and I can access the XG from an other network.


3. I don't need the temporary default route and delete it:

XG115_XN03_SFOS 18.0.1 MR-1-Build396# route del default
XG115_XN03_SFOS 18.0.1 MR-1-Build396# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
192.168.45.0 192.168.46.1 255.255.255.0 UG 0 0 0 br0
192.168.46.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.48.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2

-> OK, the temporary default route is deleted


4. THE PROBLEM
I want to set a dedicated static IP route to the network 192.168.21.0/24

XG115_XN03_SFOS 18.0.1 MR-1-Build396# route add 192.168.21.0/255.255.255.0 gw 192.168.48.1
route: invalid number '255.255.255.0'
XG115_XN03_SFOS 18.0.1 MR-1-Build396#

QUESTION:
What is the correct syntax?

Thank you a hint.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Vishal_R

    Hi Vishal,

    thank you for your hint.

    I tried this, but an other error occurs:

    XG115_XN03_SFOS 18.0.1 MR-1-Build396# date
    Mon Aug 10 14:35:44 BST 2020
    XG115_XN03_SFOS 18.0.1 MR-1-Build396# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
    192.168.45.0 192.168.46.1 255.255.255.0 UG 0 0 0 br0
    192.168.46.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
    192.168.48.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2

    XG115_XN03_SFOS 18.0.1 MR-1-Build396# route add 192.168.21.0/24 gw 192.168.48.1


    route: netmask 000000ff and host route conflict
    XG115_XN03_SFOS 18.0.1 MR-1-Build396#

    I tried also a few other well known styles.

    That is, why i am wondering about.

    It is a so normal every day used command. But it do not wordk.

    Regards

  • +1 in reply to Ole20

    Hi  

    I tested in local device and below works fine for me, Hope this will be helpful for you.

    1)
    SFVUNL_SO01_SFOS 18.0.1 MR-1-Build396# ip addr add 172.16.1.1/24 dev Port2

    2)

    SFVUNL_SO01_SFOS 18.0.1 MR-1-Build396# ip route add 172.16.1.0 via 10.201.209.254 dev Port2


    SFVUNL_SO01_SFOS 18.0.1 MR-1-Build396# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.201.209.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2
    10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
    172.16.1.0 10.201.209.254 255.255.255.255 UGH 0 0 0 Port2

    3)

    SFVUNL_SO01_SFOS 18.0.1 MR-1-Build396# ip route add 172.16.1.0/24 via 10.201.209.254
    SFVUNL_SO01_SFOS 18.0.1 MR-1-Build396# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.201.209.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2
    10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
    172.16.1.0 10.201.209.254 255.255.255.0 UG 0 0 0 Port2

  • 0 in reply to Vishal_R

    Hello Vishal,

    the ip route add command works perfect for me:

    XG115_XN03_SFOS 18.0.1 MR-1-Build396# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
    192.168.45.0 192.168.46.1 255.255.255.0 UG 0 0 0 br0
    192.168.46.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
    192.168.48.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2
    XG115_XN03_SFOS 18.0.1 MR-1-Build396# ip route add 192.168.21.0/24 via 192.168.48.1
    XG115_XN03_SFOS 18.0.1 MR-1-Build396# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    10.255.0.0 0.0.0.0 255.255.255.0 U 0 0 0 GuestAP
    192.168.21.0 192.168.48.1 255.255.255.0 UG 0 0 0 Port2
    192.168.45.0 192.168.46.1 255.255.255.0 UG 0 0 0 br0
    192.168.46.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
    192.168.48.0 0.0.0.0 255.255.255.0 U 0 0 0 Port2
    XG115_XN03_SFOS 18.0.1 MR-1-Build396#

    Wondering myself why I hadn't tried before. I had entangled myself in the wrong approach to the "route add" command.

    Thank you very much.

    Ole