After installing Bamburgh update, customers report loss of access to the internet when going through Guardian.
When the Bamburgh release is installed, internet access is lost via Guardian. In a bridge deployment, if the gateway of the bridge is set to the IP address of the internal router rather than the external router (as is recommended), it causes a routing loop.
Any traffic handled and processed by the Smoothwall, including but not limited to Guardian traffic, will not be able to reach the internet as it is forwarded to the internal router. Sending it back to the Smoothwall sends it back to the internal router, and so on, creating a logic loop. Previously, the Smoothwall unintentionally supported this, and so saved the customer from creating static routes for their internal subnets. However, this is considered extremely bad practice and is no longer supported, as of Bamburgh (Main Update 90).
The recommended fix is to change the gateway of the bridge to the external (internet side) router. But, prior to doing that, the customer should create static routes for each of their internal networks that are routed to via the internal router. The routes may be "supernetted" to reduce the number of routes required, that is, one route per unique subnet. These routes will have no apparent effect until the gateway is changed, at which point Guardian traffic should reach the internet from any of the (allowed and configured) internal networks.
- Go to Networking » Routing » Subnets.
- Add all subnets that are accessible via and through the internal router.
- Use the core switch as the gateway address
- The IP address to use as the gateway will be the IP of the internal router on the same subnet as the Smoothwall
|Last updated:||Author:||Contributions by:|
|07 July 2016||