Article Number
000017543
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
This article explains how to add a static route in RSA Authentication Manager 8.x. This is useful because static routes added by using the route add command do not work.
Resolution
The static routes need to be added to both /etc/sysconfig/network/routes and /etc/sysconfig/network/ifroute-eth0. If the second NIC is enabled in Authentication Manager 8.x, they also need to be added to /etc/sysconfig/network/ifroute-eth1. Once the changes are made, run the command service network restart.
The entries in the routing configuration files look like this:
DESTINATION GATEWAY NETMASK INTERFACE [ TYPE ] [ OPTIONS ]
DESTINATION GATEWAY PREFIXLEN INTERFACE [ TYPE ] [ OPTIONS ]
DESTINATION/PREFIXLEN GATEWAY - INTERFACE [ TYPE ] [ OPTIONS ]
To omit GATEWAY, NETMASK, PREFIXLEN, or INTERFACE, write - instead. The entries TYPE and OPTIONS may just be omitted.
- The route's destination is in the first column. This column may contain the IP address of a network or host or, in the case of reachable name servers, the fully qualified network or hostname.
- The second column contains the default gateway or a gateway through which a host or a network can be accessed.
- The third column contains the netmask for networks or hosts behind a gateway. A mask of 255.255.255.255, for example, is for a host behind a gateway.
- The last column is only relevant for networks connected to the local host such as loopback, ethernet, ISDN, PPP, and dummy device. The device name must be entered here.
An example routing configuration file looks like this:
# Destination Dummy/Gateway Netmask Device
#
127.0.0.0 0.0.0.0 255.255.255.0 lo
204.127.235.0 0.0.0.0 255.255.255.0 eth0
default 204.127.235.41 0.0.0.0 eth0
207.68.156.51 207.68.145.45 255.255.255.255 eth1
192.168.0.0 207.68.156.51 255.255.0.0 eth1
For more information, see the SUSE documentation on Configuring a Network Connection Manually.
Workaround
The RSA Authentication Manager 8.2 SP1 Administrator's Guide gives a slightly different method to add the static route, using the Teth0 table or the corresponding table.
Below is a synopsis of How to Add a Persistent IPv4 Static Route. Refer to the RSA Authentication Manager 8.1 Administrator's Guide for full details.
- Launch an SSH client, such as PuTTY.
- Log in to the primary Authentication Manager server as rsaadmin and enter the operating system password.
Note that during Quick Setup another user name may have been selected. Use that user name to log in.
- To view the current routing table, type:
sudo ip -4 route show
- To add a persistent IPv4 route entry to a network interface routing file, type:
sudo bash -c "echo 'destination gateway subnet_mask eth0'>> /etc/sysconfig/network/ifroute-eth0"
For example, to add a persistent static route that sends all network traffic for any host in the 10.100.212.0 subnet (that uses the subnet mask 255.255.252.0) to the gateway 10.100.219.102, type:
sudo bash -c "echo '10.100.212.0 10.100.219.102 255.255.252.0 eth0' >>/etc/sysconfig/network/ifroute-eth0"
- To add a persistent IPv4 route entry to the corresponding table, type:
sudo bash -c "echo 'destination gateway subnet_mask eth0 table Teth0' >> /etc/sysconfig/network/ifroute-eth0"
Notes:
• eth0 specifies the network interface, for example, eth0 or eth1.
• Teth0 specifies the table in the network interface routing file, such as Teth0 for the interface eth0.
For example, to add a persistent static route that sends all network traffic for any host in the 10.100.212.0 subnet (that uses the subnet mask 255.255.252.0) to the gateway 10.100.219.102, type:
sudo bash -c "echo '10.100.212.0 10.100.219.102 255.255.252.0 eth0 table Teth0' >> /etc/sysconfig/network/ifroute-eth0"
- Restart the network services. Type:
sudo service network restart
Notes
Pri = 192.168.1.84
DefGW = 192.168.1.61
remote net = 10.53.69.0
remote net GW = 192.168.1.92
all net masks = 255.255.255.0
sudo bash -c "echo '10.53.69.0 192.168.1.92 255.255.255.0 eth0' >> /etc/sysconfig/network/ifroute-eth0"
sudo bash -c "echo '10.53.69.0 192.168.1.92 255.255.255.0 eth0 table Teth0' >> /etc/sysconfig/network/ifroute-eth0"
sudo service network restart
Errors received: "RTNETLINK answers: Invalid argument" is returned if a bit in the destination IP address is set where the corresponding bit in the network mask is zero.
Example: with NETMASK=255.255.255.0 and DESTINATION ADDRESS=172.202.238.108, either replace the "108" in the address with 0 or replace the network mask with 255.255.255.255.
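The host-bit condition behind that error can be checked before an entry is appended to an ifroute file. The script below is an added example, not part of the RSA article or the Administrator's Guide. The function names ip_to_int and check_route are hypothetical, only the dotted NETMASK form of an entry is handled, and the gateway in the second sample line is constructed.

```shell
#!/bin/sh
# Added example (not RSA or SUSE code): check an ifroute entry before appending it.
# Assumes the dotted form from the article: DESTINATION GATEWAY NETMASK INTERFACE.

# Convert a dotted-quad IPv4 address to an integer; fail on malformed input.
ip_to_int() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        # Reject leading zeros (parsed as octal) and octets longer than 3 digits.
        case "$o" in 0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# check_route "DEST GW MASK IFACE"
#   returns 0: DEST has no bits set where MASK is zero (or DEST is "default")
#   returns 1: host bits are set; prints DEST with those bits cleared
#   returns 2: the entry could not be parsed in the dotted NETMASK form
check_route() {
    set -- $1
    [ $# -ge 4 ] || { echo "expected: DEST GW MASK IFACE" >&2; return 2; }
    [ "$1" = default ] && return 0
    dest=$(ip_to_int "$1") || { echo "bad destination: $1" >&2; return 2; }
    mask=$(ip_to_int "$3") || { echo "bad netmask: $3" >&2; return 2; }
    [ $(( dest & ~mask )) -eq 0 ] && return 0
    net=$(( dest & mask ))
    echo "$(( (net >> 24) & 255 )).$(( (net >> 16) & 255 )).$(( (net >> 8) & 255 )).$(( net & 255 ))"
    return 1
}

# Constructed sample entries built from the addresses used in the article.
while read -r entry; do
    if fix=$(check_route "$entry"); then
        echo "ok:     $entry"
    else
        echo "reject: $entry (network address: ${fix:-unknown})"
    fi
done <<'EOF'
10.53.69.0 192.168.1.92 255.255.255.0 eth0
172.202.238.108 192.168.1.92 255.255.255.0 eth0
EOF
```

An entry that is rejected here is one that service network restart would fail to install, so run the check before the echo ... >> step.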