CAM routing configuration in a firewall environment.

Document ID : KB000053940
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Explains *ROUTING configuration restrictions in the file cam.cfg.

Solution:

In a firewall environment where you need to configure CAM to route traffic through a proxy outside the firewall you must ensure that an IP address range or IP address is specified only once when configuring the *ROUTING section in the cam.cfg file. The reason for this is that any entries that follow which contain the same IP address range or IP address will not be taken into account.

Bad example:

  *ROUTING
  forward nodename1 = 10.233.26.* 10.233.37.* 10.80.75.*
  forward nodename2 = 10.80.75.* 10.80.110.* 10.80.111.*

Good example:

   *ROUTING
   forward nodename1 = 10.233.26.* 10.233.37.*
   forward nodename2 = 10.80.75.* 10.80.110.* 10.80.111.*

In the bad example the appearance of the address range 10.80.75.* causes the problem because through nodename1, routing is not possible and routing for nodename2 is not processed because only the first occurrence of the address in the cam.cfg file is followed.