From owner-freebsd-questions@FreeBSD.ORG Fri Oct 24 20:29:04 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D4C3A321 for ; Fri, 24 Oct 2014 20:29:04 +0000 (UTC) Received: from fly.hiwaay.net (fly.hiwaay.net [216.180.54.1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A01979BF for ; Fri, 24 Oct 2014 20:29:04 +0000 (UTC) Received: from kabini1.local (rbn1-216-180-19-101.adsl.hiwaay.net [216.180.19.101]) (authenticated bits=0) by fly.hiwaay.net (8.13.8/8.13.8/fly) with ESMTP id s9OKT28p029285 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Fri, 24 Oct 2014 15:29:03 -0500 Message-ID: <544AB805.4030307@hiwaay.net> Date: Fri, 24 Oct 2014 15:35:17 -0500 From: "William A. Mahaffey III" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2 MIME-Version: 1.0 CC: freebsd-questions@freebsd.org Subject: Re: References: In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2014 20:29:05 -0000 On 10/24/14 14:31, Gary Aitken wrote: > On 10/24/14 11:49, Gary Aitken wrote: >>>> ... I have been tussling w/ getting my newly acquired WatchGuard FireBox >>>> Edge firewall appliance setup. It requires a computer on the LAN on its >>>> own IP block (192.168.111.0/8), w/ netmask 255.255.255.0. I was/am >>>> trying to use ifconfig to set this box up on that block (temporarily >>>> !!!) to get that thing setup & configured. When I (successfully) reset >>>> my IP address to 192.168.111.27, I am able to access the device w/ my >>>> browser. However, it asked for a user name & passwd, which I don't have >>>> & which the manual which came w/ it doesn't specify :-/ .... Any clues >>>> what those might be .... Slightly OT, I realize, however I will probably >>>> later try to change it over to *BSD, as per an earlier post, in case >>>> that helps .... TIA for any & all clues .... >>> A quick web search shows >>> admin/admin >> 1st thing I tried, nogo :-/ .... > I also saw a pw of "wg" listed with no admin userid; might try > combinations of > admin / wg, / wg, but I suspect you've already done the latter. > > Have you tried actually resetting the router to factory defaults? No, good idea :-) .... I'll try that (& other uname/pw combos) & see where I get .... > >>>> Separately, when I reset the IP address of this box back to normal >>>> (192.168.0.27), I could no longer access the web, or my DSL modem (on a >>>> firewall)) w/o rebooting. When I did an 'ifconfig re0', I got almost the >>>> same output as before my twiddling, except that the 'inet' & inet6' >>>> lines were switched (inet before inet6 before twiddling, inet after >>>> inet6 after twiddling) .... Could that be the cause of my inability to >>>> access the modem & web ? TIA here also :-/ .... >>> That's because you changed the third digit of the ip address, and it is no >>> longer in the same subnet >>> as the rest of your network, which you just changed over to >>> 192.168.111.27. If I understand what you >>> said above correctly. All of the boxes have to reside on the same subnet, >>> either 192.168.111.* or >>> 192.168.0.*, in your scenario above. >> Everything is on subnet 192.168.0.nnn/8, *except* the new firewall, so I > set *just* my computer (this box, FBSD 9.3p2) to the 192.168.111.nnn/8 > subnet using ifconfig. I could indeed reach the firewall through my > simple switch (Netgear from Best Buy). However, when I set this box > *back* to my usual subnet, nothing past the router (which the firewall is > intended to replace) worked w/o a reboot. > > So you could get to all the systems on the local net, but nothing past the > router, > and other systems could go past the router as usual? Yes. I didn't touch the router, only my box .... > When you say w/o a reboot, what was rebooted -- the router or your system, > or both? This box (my system) .... > If your system, you might check the routing tables (netstat -rn) to make > sure a > default route is present and that it is to the router. > I found that when reconfiguring a system here changing the ip addrs on the > interface with the default > route resulted in the default route disappearing. See "man route" Another good idea, I'll look @ that .... Thx. -- William A. Mahaffey III ---------------------------------------------------------------------- "The M1 Garand is without doubt the finest implement of war ever devised by man." -- Gen. George S. Patton Jr.