I hope this is just a quick couple of questions and I'm just blind from finding it online.
When you deploy UAG, you can add routes that are needed for 2NIC and 3NIC configurations.
1. How do you delete one of these routes? I do not see ifroute-eth* files that I would normally see on SUSE.
2. What is the proper process for adding a route?
Thank you!
These routes will ensure respective egress/ingress traffic will go via the NICs which are configured for Management/Internal/External. For example: Internal traffic to Management subnets where we will be having connection server, composer server, VDI DHCP subnet, etc. If you check route -n on SUSE you would see all the routes and of course you can add/delete based on your requirement. I have done it for a 3 leg DMZ config and it works flawlessly.
Thank you for the reply.
Yes, I do know what the routes are for.
I am just wondering how you edit the routes that are put in during installation. I don't see a way to delete the routes that are added during deployment and I don't see them in any of the files that I would normally see them in on a SUSE system. And how to properly add routes after deployment in case that is needed in the future.
Thanks!
I have added a few routes and removed a few after the deployment. The normal Linux route add/remove commands work in SUSE as well.
How do you add the routes? What are the commands? I have a UAG 3.0 deployed with 2 NICs: 1 for the DMZ and 1 for the internal network. The default gateway is set to the DMZ. Computers cannot ping the internal address when it is set this way. I can change the default gateway to the internal but then I cannot ping the address for the DMZ. This is a new deployment and I have limited knowledge of Linux and professional services is not very helpful. I have been troubleshooting per-app VPN not working. Any assistance would be greatly appreciated for configuring the appliance with 2 NICs and making certain that both are accessible.
Thanks,
Jim
I ended up using yast to configure the routes.
During the deployment, I didn't use the area to add routes at all. I went in after and used yast and added what I needed.
Not sure if this is the proper way but I was able to modify the routes after deployment by modifying routes.sh in /opt/VMware/gateway/conf
I know this thread is a month old but none of the ways I would expect this to work actually worked. I did manage to figure out a workaround though:
- DOES NOT work:
1) edit the vApp options since it was deployed from OVA and that's where I've had to change VMware OVA stuff in the past. If you add a static route to any of the NICs they do not actually "take", at least in my travels.
2) tried a few typical ways to add files in /etc/sysconfig, /etc/systemd, etc, none of those get processed either (presuming custom init/ifup scripts I don't want to change).
- DOES work.
1) edit /opt/vmware/gateway/conf/routes.sh
2) add in a route statement and (optionally) a log insertion statement just like the ones that are in there now.
In my case:
route add -net 10.1.101.0 netmask 255.255.255.0 gw 10.1.100.1 dev eth1
Reboot and it will remain persistent.
It feels dirty, because it'll probably get hammered next time we need to upgrade, but I can't figure out another way to do it.
Hope that helps!
The correct and supported method is to specify the routes during the deployment of the appliance. Keep in mind a UAG is disposable and we redeploy them for any change (I've seen changes on older versions cause instability). The directions are covered here: Using PowerShell to Deploy VMware Unified Access Gateway.