Re: [FW-1] Firewall Routing Issue with SNMP

Wed, 16 Oct 2002 09:36:46 -0700

Title: Message
I have seen problems in routing environment when polling the external interface and the response source IP comes from the nearest interface, namely the internal interface - this obviously doesn't tie up in the CP state tables...
 
But I cannot explain this in a switched environment.
 
Derin
-----Original Message-----
From: Lenny Sanchez [mailto:[EMAIL PROTECTED]]
Sent: 16 October 2002 14:52
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Firewall Routing Issue with SNMP

Yes. They default to the 10.21.x.x.  From there IP forwarding is enabled etc.....
 
 

Lenny Sanchez
Systems Administrator
HealthGate Data Corp
781.685.4038
[EMAIL PROTECTED]

-----Original Message-----
From: Jeremy Stinson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 15, 2002 11:03 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Firewall Routing Issue with SNMP

Are your cisco switches default-gatwayed to your F5???
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]]On Behalf Of Lenny Sanchez
Sent: Tuesday, October 15, 2002 3:12 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] Firewall Routing Issue with SNMP

Current Configuration (sorry about the picture)

                                web servers 10.21.x.x 
                                        |
                                Cisco switch 10.21.x.x (SNMP configured..failing)
                                        |
                                Cisco switch 10.21.x.x (SNMP configured...failing)
                                       |
                                F5 device doing IP forwarding (SNMP configured...working)
                                one interface 10.21.x.x
                                other interface 10.20.x.x
                                       |
                                Cisco switch 10.20.x.x (SNMP configured...working)
                                     
                                firewall (layer 3) (SNMP configured..working)
                                10.20.x.x
                                10.1.x.x
                                      |
                                Bay network Switch 10.1.x.x.
                                      |
                                Server for SNMP traps 10.1.x.x


The devices that are failing are sending traps, and they are getting to their destination.  But it is very sporadic, to the point where some devices are marked as no response inside of my SNMP server.  Is there a configuration inside the firewall (4.1 spk 3 running on IPSO 3.3) that I'm missing.

It gets worse.  This network is load balanced.  The same problems are happening.  Same set of devices are dropping, but  also the second firewall is not sending any traps at all.  It is configured identical to the first firewall...identical.

If anyone has any ideas, I will be happy to listen.

Thanks guys
                                       

                                                                                                       




**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender immediately and then delete from your system.

This footnote also confirms that this email message has been swept
for the presence of known computer viruses.

**********************************************************************

Reply via email to