Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Static route from CLI being removed

Hey there,

My DHCP IP address from my carrier is 203.xx.xx.xx/16 but the gateway is in a different subnet 100.xx.xx.01.. wacky system, but not one I was really expecting..

The issue I'm running in to is that I'm trying to establish a backup IPSec tunnel for this service and so I want the remote site to be specifically routed out of this interface.. I've attempted to set this in the GUI as follows but it the traffic just doesn't head out that interface.. I've tried SD-WAN routes too.. but again, it stubbornly refuses to go out this gateway..

What does work however is setting a static route via the CLI..

XG115_XN02_SFOS 19.0.1 MR-1-Build365# ip route add 202.xxx.xxx.xxx/32 dev Port2

XG115_XN02_SFOS 19.0.1 MR-1-Build365#

This works really well and the failover configuration is fantastic.. until at midnight a day or two later the static route is removed..

Any help would be greatly appreciated..



This thread was automatically locked due to age.
Parents
  • ip route commands on advanced shell are not officially supported and will be replaced after a while (or reboot). 

    You should configure the route via Webadmin. If you do it via Webadmin, the route should work - If not, you should look into the packet capture and check the route precedence. 

    __________________________________________________________________________________________________________________

  • Ok, but what about IPSec? What if iwanna add statuc route to IPSec via GUI? I cant select nexthop as IPsec interface. Or im missing sth. In GUI i can choose it only in multicast routing int is called "ipsec connections" 

    __________SETUP___________

    HP Small Form Factor:  i5 4Cores, 8Gb of RAM.
    Intel Network Card 5x Eth
    SSD: 256Gb

Reply
  • Ok, but what about IPSec? What if iwanna add statuc route to IPSec via GUI? I cant select nexthop as IPsec interface. Or im missing sth. In GUI i can choose it only in multicast routing int is called "ipsec connections" 

    __________SETUP___________

    HP Small Form Factor:  i5 4Cores, 8Gb of RAM.
    Intel Network Card 5x Eth
    SSD: 256Gb

Children