 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] A route to this destination network already exists
 Date:  Fri, 05 Dec 2008 10:27:45 -0600
Michael Pope wrote:
> Hi All,
> 
> I am trying to reconfigure a m0n0wall for some network changes and have run
> into the error above. Here's the environment:
> 
> Name Interface Interface_IP Network
> LAN sis0 192.168.165.1 192.168.165.0/24
> WAN sis1 x.x.x.x x.x.x.x/xx
> Unmanaged sis2 192.168.50.1 192.168.50.0/24
> Phone VLAN 2 on sis0 10.10.16.2 10.10.16.0/24
> 
> VLANs
> Interface VLAN_tag Description
> sis0 1 Managed VLAN
> sis0 2 Phone VLAN
> sis2 3 Unmanaged VLAN
> 
> Static Routes
> Interface Network Gateway
> LAN 10.10.16.0/24 192.168.165.31
> 
> Firewall Rules - LAN
> Action Proto Source Port Destination Port Description
> Block * LAN net * Unmanaged net * Block LAN (Managed) -> Unmanaged
> Pass * LAN net * * * Default LAN -> any
> Pass * x.x.x.x/xx * * * Allow 1:1 NAT'ted Traffic Outbound
> 
> Firewall Rules - Unmanaged
> Action Proto Source Port Destination Port Description
> Block * Unmanaged net * LAN net * Block Unmanaged -> LAN (Managed)
> Pass * Unmanaged net * * * Default Unmanaged -> any
> 
> Firewall Rules - Phone
> Action Proto Source Port Destination Port Description
> Pass * Phone net * * * Default Phone -> any
> 
> The m0n0wall is connected to a trunk switch performing VLAN static port
> tagging. The managed VLAN and the unmanaged VLAN both need to communicate
> with the phone VLAN and the phone VLAN needs to communicate with the managed
> VLAN and the unmanaged VLAN. But the unmanaged VLAN and the managed VLAN
> should not talk to one another. There is an Avaya gateway on the phone
> subnet that has an interface on both the managed VLAN (192.168.165.31) and
> the unmanaged VLAN (192.168.50.2). When I try to add the static route for
> the Unmanaged interface to route to the phone VLAN (Unmanaged 10.10.16.0/24
> 192.168.50.2), it says that A route to this destination network already
> exists. However, the other route is for the Managed VLAN and this route is
> for the Unmanaged VLAN. Can someone explain to me what I'm doing wrong?

Go to m0n0wallIPaddress/status.php and look at the Routing tables there.
That should clear it up a bit.  Each defined interface has a route to
each other defined interface.  You may need to make some firewall rules,
but the route is there.

			Lee
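
The point of the reply above, as an added example that is not part of the original messages and is not m0n0wall's own code: the routing table is looked up by destination network, so a second route to 10.10.16.0/24 collides with what is already there regardless of which interface it is entered under. The tables are copied from the quoted message (the WAN row is left out because its addresses are redacted); the function names are hypothetical.

```python
import ipaddress

# Constructed from the interface and static-route tables in the quoted message.
# WAN is omitted because its address is redacted (x.x.x.x) in the post.
CONNECTED = {
    "LAN": "192.168.165.1/24",
    "Unmanaged": "192.168.50.1/24",
    "Phone": "10.10.16.2/24",
}
STATIC = [("LAN", "10.10.16.0/24", "192.168.165.31")]


def existing_routes():
    """Every route the box already holds: one per interface, plus statics."""
    routes = []
    for name, addr in CONNECTED.items():
        net = ipaddress.ip_interface(addr).network
        routes.append((net, "connected", name))
    for iface, dest, _gateway in STATIC:
        routes.append((ipaddress.ip_network(dest), "static", iface))
    return routes


def check_new_route(iface, dest, gateway):
    """Return a list of reasons the proposed static route is a problem."""
    new = ipaddress.ip_network(dest)
    findings = []
    for net, kind, via in existing_routes():
        # Lookup is by destination only; the interface column does not
        # make two routes to the same network distinct.
        if net == new:
            findings.append(f"{new} already has a {kind} route via {via}")
        elif net.overlaps(new):
            findings.append(f"{new} overlaps {net} ({kind} via {via})")
    # A gateway is only usable if it sits on the chosen interface's subnet.
    local = ipaddress.ip_interface(CONNECTED[iface]).network
    if ipaddress.ip_address(gateway) not in local:
        findings.append(f"gateway {gateway} is not on {iface} ({local})")
    return findings


if __name__ == "__main__":
    # The route the original poster tried to add.
    for line in check_new_route("Unmanaged", "10.10.16.0/24", "192.168.50.2"):
        print(line)
```

Because the Phone VLAN is a defined interface, its network is already reachable from the other interfaces; what remains is deciding with firewall rules which of that traffic to pass.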