In order for routes learned from RIP to be broadcast across the WAN, the respective remote sites can be entered into the WAN RIP table under
.The WAN RIP table contains the following values:
- Remote site
- Contains the name of the remote site.
- RIP type
- Specifies the RIP version used to propagate the local routes.
- Send RIP to this remote site.
- Specify whether RIP is to be propagated on the WAN routes. The RIP type must be set for this.
- Accept RIP from this remote site
- Specify whether RIP is to be accepted from the WAN. The RIP type must be set for this.
DANGERPlease bear in mind that WAN-side RIP represents a potential security risk.
- Masquerading
- Specify whether and how the device is masked on the route. This entry makes it possible to start WAN RIP even in an empty routing table. The following values are possible:
- Auto: The masquerade type is taken from the routing table (value: 0). If there is no routing entry for the remote site, then masquerading is not performed.
- On: All connections are masqueraded (value: 1).
- Intranet: IP masquerading is used for connections from the intranet, connections from the DMZ pass through transparently (value: 2).
- Block back routes (poisoned reverse)
- When blocking the return route (poisoned reverse), all routes learned/received on this interface are marked and returned as "unavailable "by directly setting the number of hops to 16 (or the maximum).
- Active proposing of RIP according to RFC 2091 activated
- The device supports RIP according to RFC 2091.
The setting "propose RFC 2091" is only relevant for active connection establishment. Passive connections accept the RIP version proposed by the remote site, regardless of how this switch is set.
For active connections that propose RIP as per RFC 2091, there is an optional fallback to "normal" RIP as per RFC 2453: A fallback occurs if the remote site does not respond to 10 retries of the first packet (10 retries take about 30 seconds).
The entry for the gateway is taken to be the IP address of the RIP partner at the other end of the WAN route. 0.0.0.0 can be entered here if a PPP negotiation is conducted over the WAN route and the IP address of the remote site is transmitted.
Note: In a central gateway, the setting "RFC 2091" can always be off and the "Gateway" entry always set to 0.0.0.0 because the central gateway always considers the gateway as specified at the subsidiary.
- Gateway
- Enter the IP address of the RIP partner.
- Source address (optional)
- Here you have the option to configure a sender address for the device to use in place of the one that would otherwise be used automatically for this target address.
If you have configured loopback addresses, you can specify them here as source address. You can enter an address in various forms:
- Name of the IP network (ARF network), whose address should be used.
- "INT" for the address of the first intranet.
- "DMZ" for the address of the first DMZ (Note: If there is an interface named "DMZ", its address will be taken).
- LB0…LBF for one of the 16 loopback addresses or its name.
- Furthermore, any IP address can be entered in the form x.x.x.x.
Note: If the source address set here is a loopback address, these will be used unmasked on the remote client. - Default routing tag
- This indicates the "default routing tag" applicable for the WAN link. When the device transmits over the WAN, it gives this tag to all untagged routes.
- Routing tag list
- This is a comma-separated list of the tags that the device accepts on the interface. If this list is empty, the device accepts all tags. If at least one tag is in the list, then the device only accepts the tags in this list. When sending tagged routes on the WAN, the device only propagates routes with valid tags. The device internally treats all routes learned from the WAN as untagged routes and propagates them on the LAN with the default tag (0). Over the WAN, however, it propagates routes with the tag that it learned.
- RX filter
- Specify here the filter to be applied when receiving (RX) RIP packets.
Note: You must first define the filter in the RIP filter list in order to use it here.
- TX filter
- Specify here the filter to be applied when sending (TX) RIP packets.
Note: You must first define the filter in the RIP filter list in order to use it here.