Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000017543 - How to add static route in RSA Authentication Manager AM 8.0 or 8.1

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support on Nov 30, 2017

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000017543
Applies To	RSA Product Set: SecurID RSA Product/Service Type: RSA Authentication Manager RSA Version/Condition: 8.1 Service Pack 1 Platform: SUSE Enterprise Linux O/S Version: 11 Service Pack 3
Issue	How to add static route in RSA Authentication Manager AM 8.0 or 8.1 The static routes added by command "route add" don't work.
Resolution	The static routes need to be added into both /etc/sysconfig/network/routes and `/etc/sysconfig/network/ifroute-eth0 (and/or /etc/sysconfig/network/ifroute-eth1 if the second NIC is enabled in AM 8.0/8.1) files. Then "service network restart".` The entries in the routing configuration files look like this: DESTINATION GATEWAY NETMASK INTERFACE [ TYPE ] [ OPTIONS ] DESTINATION GATEWAY PREFIXLEN INTERFACE [ TYPE ] [ OPTIONS ] DESTINATION/PREFIXLEN GATEWAY - INTERFACE [ TYPE ] [ OPTIONS ] To omit GATEWAY, NETMASK, PREFIXLEN, or INTERFACE, write `-` instead. The entries TYPE and OPTIONS may just be omitted. The route's destination is in the first column. This column may contain the IP address of a network or host or, in the case of reachable name servers, the fully qualified network or hostname. The second column contains the default gateway or a gateway through which a host or a network can be accessed. The third column contains the netmask for networks or hosts behind a gateway. The mask is `255.255.255.255`, for example, for a host behind a gateway. The last column is only relevant for networks connected to the local host such as loopback, ethernet, ISDN, PPP, and dummy device. The device name must be entered here. The entries in the routing configuration files look like this: # Destination Dummy/Gateway Netmask Device # 127.0.0.0 0.0.0.0 255.255.255.0 lo 204.127.235.0 0.0.0.0 255.255.255.0 eth0 default 204.127.235.41 0.0.0.0 eth0 207.68.156.51 207.68.145.45 255.255.255.255 eth1 192.168.0.0 207.68.156.51 255.255.0.0 eth1 https://www.suse.com/documentation/sles11/book_sle_admin/data/sec_basicnet_manconf.html
Workaround	The AM 8.1.1 Admin Guide gives slightly different method to add static route, with Teth0 table or corresponding Table Here is a synopsis example of what the manual says to do;
Notes	Pri = 192.168.1.84 DefGW = 192.168.1.61 remote net = 10.53.69.0 remote net GW = 192.168.1.92 all net masks = 255.255.255.0 sudo bash -c "echo '10.53.69.0 192.168.1.92 255.255.255.0 eth0' >> /etc/sysconfig/network/ifroute-eth0" sudo bash -c "echo '10.53.69.0 192.168.1.92 255.255.255.0 eth0 table Teth0' >> /etc/sysconfig/network/ifroute-eth0 table Teth0" sudo service network restart Note: it appears that the table Teth0 entry is used by Java applications such as openssl and Authentication Manager because if you only configure the first entry without the table Teth0, commands like ping will use the static route while java applications like openssl and AM will use the default route. This will be very confusing Errors received: "RTNETLINK answers: Invalid argument" is received if the bit in the IP address is not zero where the network mask is zero. Example: NETMASK=255.255.255.0 with DESTINATION ADDRESS=172.202.238.108 The "108" in the address needs to be replaced with 0 or replace the network mask with 255.255.255.255.
Legacy Article ID	a67015

Attachments

Outcomes

0 Comments

Recommended Content