From owner-freebsd-questions@FreeBSD.ORG Fri Oct 24 19:35:28 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5808BDB8 for ; Fri, 24 Oct 2014 19:35:28 +0000 (UTC) Received: from mx1.blackfoot.net (mx1.blackfoot.net [216.14.232.10]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "spam.blackfoot.net", Issuer "GeoTrust DV SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2682F21E for ; Fri, 24 Oct 2014 19:35:27 +0000 (UTC) Received: from blackfoot.vision.net ([216.220.3.42]) by mx1.blackfoot.net ({9cf3d135-7b6e-4041-a57b-61a932741f4e}) via TCP (outbound) with ESMTP id 20141024193156234; Fri, 24 Oct 2014 19:31:56 +0000 X-RC-FROM: Received: from webmail.blackfoot.net (unknown [10.64.25.30]) (Authenticated sender: vagabond) by blackfoot.vision.net (Postfix) with ESMTPA id E9826720F; Fri, 24 Oct 2014 13:31:54 -0600 (MDT) Received: from 66.109.141.62 (SquirrelMail authenticated user vagabond) by webmail.blackfoot.net with HTTP; Fri, 24 Oct 2014 13:31:55 -0600 Message-ID: Date: Fri, 24 Oct 2014 13:31:55 -0600 Subject: From: "Gary Aitken" To: wam@hiwaay.net User-Agent: SquirrelMail/1.4.22 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-MAG-OUTBOUND: blackfoot.redcondor.net@216.220.3.42/32 Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2014 19:35:28 -0000 On 10/24/14 11:49, Gary Aitken wrote: >>> ... I have been tussling w/ getting my newly acquired WatchGuard FireBox >>> Edge firewall appliance setup. It requires a computer on the LAN on its >>> own IP block (192.168.111.0/8), w/ netmask 255.255.255.0. I was/am >>> trying to use ifconfig to set this box up on that block (temporarily >>> !!!) to get that thing setup & configured. When I (successfully) reset >>> my IP address to 192.168.111.27, I am able to access the device w/ my >>> browser. However, it asked for a user name & passwd, which I don't have >>> & which the manual which came w/ it doesn't specify :-/ .... Any clues >>> what those might be .... Slightly OT, I realize, however I will probably >>> later try to change it over to *BSD, as per an earlier post, in case >>> that helps .... TIA for any & all clues .... >> >> A quick web search shows >> admin/admin > 1st thing I tried, nogo :-/ .... I also saw a pw of "wg" listed with no admin userid; might try combinations of admin / wg, / wg, >> Separately, when I reset the IP address of this box back to normal >>> (192.168.0.27), I could no longer access the web, or my DSL modem (on a >>> firewall)) w/o rebooting. When I did an 'ifconfig re0', I got almost the >>> same output as before my twiddling, except that the 'inet' & inet6' >>> lines were switched (inet before inet6 before twiddling, inet after >>> inet6 after twiddling) .... Could that be the cause of my inability to >>> access the modem & web ? TIA here also :-/ .... >> >> That's because you changed the third digit of the ip address, and it is no >> longer in the same subnet >> as the rest of your network, which you just changed over to >> 192.168.111.27. If I understand what you >> said above correctly. All of the boxes have to reside on the same subnet, >> either 192.168.111.* or >> 192.168.0.*, in your scenario above. >Everything is on subnet 192.168.0.nnn/8, *except* the new firewall, so I set *just* my computer (this box, FBSD 9.3p2) to the 192.168.111.nnn/8 subnet using ifconfig. I could indeed reach the firewall through my simple switch (Netgear from Best Buy). However, when I set this box *back* to my usual subnet, nothing past the router (which the firewall is intended to replace) worked w/o a reboot. So you could get to all the systems on the local net, but nothing past the router, and other systems could go past the router as usual? When you say w/o a reboot, what was rebooted -- the router or your system, or both? If your system, you might check the routing tables (netstat -rn) to make sure a default route is present and that it is to the router. I found that when reconfiguring a system here changing the ip addrs on the interface with the default route resulted in the default route disappearing. See "man route"