On Thu, 08 Jul 2004 02:51:17 GMT, "John Sasso" <(E-Mail Removed)>
wrote:
>We have several laptops running Redhat 9 using Linksys 802.11b cards, and
>Cisco 1200 series APs. We've found that to access networks beyond our
>local subnet, we must configure the default gateway on the laptop to be the
>IP address of the local wireless interface, and NOT the address of the
>router for the subnet the laptop is on (as one normally would). Note that
>w/o the default gw configured we can still ping hosts on the same subnet (of
>course).
>
>Why would we be having such a problem? If I bring my laptop home and
>configure the default gateway to be the IP address of my small router, it
>works fine. I'm wondering if it could be a config issue on the Cisco AP at
>work?
Another possibility is that some machine on your office LAN is spewing
RIP (router information protocol) updates that are advertising a bogus
route to the internet. If your Linux boxes are running routed (RIP2)
they may be getting redirected to the wrong gateway to the internet.
A clue is that if the default route (i.e. gateway) on your laptops
point to themselves, you should not be able to browse or ping IP
addresses on the internet as there is no way for the packets to get to
the internet. Therefore, I suspect that either something is
redirecting the packets as in the man in the middle exploit, or that
something (i.e. RIP) is setting the default route AFTER you set them
to the laptop IP address.
Check your routing table with:
route -nv
or
route -env
for the old style netstat output. Look for a weird default route or a
route that changes. Also, fire up arpwatch and see if the arp cache
is changing or similar weirdness.
--
Jeff Liebermann
(E-Mail Removed)
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558
Similar Threads
Linear Mode
