Linux: Default gateway fails, must use local IP for defaul..

Archived from groups: (More info?)

We have several laptops running Redhat 9 using Linksys 802.11b cards, and
Cisco 1200 series APs. We've found that to access networks beyond our
local subnet, we must configure the default gateway on the laptop to be the
IP address of the local wireless interface, and NOT the address of the
router for the subnet the laptop is on (as one normally would). Note that
w/o the default gw configured we can still ping hosts on the same subnet (of
course).

Why would we be having such a problem? If I bring my laptop home and
configure the default gateway to be the IP address of my small router, it
works fine. I'm wondering if it could be a config issue on the Cisco AP at
work?

--john
2 answers Last reply
More about linux default gateway fails local defaul
  1. Archived from groups: (More info?)

    On Thu, 08 Jul 2004 02:51:17 GMT, "John Sasso" <jsassojr@nycap.rr.com>
    wrote:

    >We have several laptops running Redhat 9 using Linksys 802.11b cards, and
    >Cisco 1200 series APs. We've found that to access networks beyond our
    >local subnet, we must configure the default gateway on the laptop to be the
    >IP address of the local wireless interface, and NOT the address of the
    >router for the subnet the laptop is on (as one normally would).

    That's wrong.

    >Note that
    >w/o the default gw configured we can still ping hosts on the same subnet (of
    >course).

    Ok, the hosts and router are present and accounted for.

    >Why would we be having such a problem?

    Because you *MAY* have had your routers IP address hijacked by someone
    doing a "man in the middle" attack. Packets that are suppose to go to
    the router are instead going to some other computah, collected, and
    then forwarded to the real router. You can test for this by running:
    arp -a
    Ping the router and compare the MAC address for whatever it shows for
    the router IP address. If it doesn't agree with what's on the label,
    try to identify the manufacturer by the MAC address and deal with the
    perpetrator. You may also find arpwatch and arping handy (comes with
    RH9).

    >If I bring my laptop home and
    >configure the default gateway to be the IP address of my small router, it
    >works fine. I'm wondering if it could be a config issue on the Cisco AP at
    >work?
    >
    >--john
    >

    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
  2. Archived from groups: (More info?)

    On Thu, 08 Jul 2004 02:51:17 GMT, "John Sasso" <jsassojr@nycap.rr.com>
    wrote:

    >We have several laptops running Redhat 9 using Linksys 802.11b cards, and
    >Cisco 1200 series APs. We've found that to access networks beyond our
    >local subnet, we must configure the default gateway on the laptop to be the
    >IP address of the local wireless interface, and NOT the address of the
    >router for the subnet the laptop is on (as one normally would). Note that
    >w/o the default gw configured we can still ping hosts on the same subnet (of
    >course).
    >
    >Why would we be having such a problem? If I bring my laptop home and
    >configure the default gateway to be the IP address of my small router, it
    >works fine. I'm wondering if it could be a config issue on the Cisco AP at
    >work?

    Another possibility is that some machine on your office LAN is spewing
    RIP (router information protocol) updates that are advertising a bogus
    route to the internet. If your Linux boxes are running routed (RIP2)
    they may be getting redirected to the wrong gateway to the internet.
    A clue is that if the default route (i.e. gateway) on your laptops
    point to themselves, you should not be able to browse or ping IP
    addresses on the internet as there is no way for the packets to get to
    the internet. Therefore, I suspect that either something is
    redirecting the packets as in the man in the middle exploit, or that
    something (i.e. RIP) is setting the default route AFTER you set them
    to the laptop IP address.

    Check your routing table with:
    route -nv
    or
    route -env
    for the old style netstat output. Look for a weird default route or a
    route that changes. Also, fire up arpwatch and see if the arp cache
    is changing or similar weirdness.


    --
    Jeff Liebermann jeffl@comix.santa-cruz.ca.us
    150 Felker St #D http://www.LearnByDestroying.com
    Santa Cruz CA 95060 AE6KS 831-336-2558
Ask a new question

Read More

Laptops Default Gateway Configuration Wireless Networking