How to: Setup a Persistent Static Route for the CSA

Version 16

    Verified Product Versions

    Endpoint Manager 9.6Endpoint Manager 2016.xEndpoint Manager 2017.x

    Problem

     

    The Cloud Services Appliance is unable to talk with the Core
    The Cloud Services Appliance is unable to talk with the Internet

    The Cloud Services Appliance is correctly configured on the Core but is unable to activate online
    The Cloud Services Appliance has two network interfaces configured both with a gateway - only one is working

     

    Summary

     

    Having two gateways configured on a single device simply doesn't work, as the device will just use one of the two.

    If the Cloud Services Appliance has two network interfaces configured, make sure the only one interface, the one talking to the internet, has a default gateway configured.


    Then, if the Core Server is on a different network segment than the Cloud Services Appliance, and the next hop to reach the Core server is different than the default gateway, you need to set up a static route to address the traffic to the core via the correct router/firewall.

     

    Static route configuration is stored in a /etc/sysconfig/network-scripts/route-interface file.
    For example, static routes for the eth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0 file.

     

    Prerequisites

     

    Before attempting to setup a persistent static route, be sure that you have added both the internal and external eth configurations into the CSA GUI. The external interface should have all the details and the internal interface should be added without a default gateway configured. Please see below screenshot for example.

     

    csa_network_configuration.png

     

    Solution

     

    1) Open the local console command line interface (press CTRL+ALT+F2 and type in "xterm") or open a SSH session to the appliance with an SSH client and elevate the command line with sudo su and the admin password.

     

    2) Create or update the file /etc/sysconfig/network-scripts/route-ethX (Replace X with the eth number configured for the internal network) with the following line:

     

    CoreServerSubnetID/24 dev ethX via Ip.Address.internal.gateway

     

    Example:

    Core server is using IP address 10.20.20.50. Eth1 on the CSA is configured as the internal network interface with IP address of 10.1.1.100 and default gateway of 10.1.1.1

     

    I would create or update the file /etc/sysconfig/network-scripts/route-eth1 with the following line:

    10.20.20.0/24 dev eth1 via 10.1.1.1

     

    3) Reload your network configuration with the command service network reload

     

    4) Verify the new static route with the command route

     

    5) Verify you can correctly communicate with the appliance from the Core Server