managing router thru firewall (13 Views)
Reply
Occasional Visitor
Mark Kacanda
Posts: 3
Registered: ‎05-07-2000
Message 1 of 2 (13 Views)

managing router thru firewall

Does anyone know how to manage a router
that is protected by a firewall via a CS?
SNMP polling works properly but the device
remains critical because ICMP ping sweeps
fail because of the firewall.

Is there a way to disable ping-sweeps for
the router object?
Please use plain text.
Honored Contributor
Berlene Herren
Posts: 1,514
Registered: ‎10-11-1999
Message 2 of 2 (13 Views)

Re: managing router thru firewall

For 11.0, you can use an ndd parameter.

11.0 introduces a new concept called Dead Gateway detection where an ICMP Echo
Request(ping packet) is sent to all of the default gateways. If the gatewaydoes
not respond, then this gateway is moved to a dead gateway listand is not used
until ICMP Echo Requests start getting Replies.


In these situations, disabling the Dead Gateway Detection algorithm is needed.An
HP-UX 11.0 Transport patch will be released shortly to allow you to disable this
feature via ndd.

The ndd tunable will be ip_ire_gw_probe.
To disable Dead Gateway Detection:
ndd -set /dev/ip ip_ire_gw_probe 0

[PHNE_20735} is the right patch.
Did you set the ' ndd -set /dev/ip ip_ire_gw_probe 0 ' command ?
Note: parameter is not permanent ! you need to add it to the startup scripts of
your system.

You can also check out the document, Managing Your Networks Through a Firewall

http://www.openview.hp.com/products/nnm/library/index.asp?tbl=Paper&docid=29
http://www.mindspring.com/~bkherren/dobes/index.htm
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation