Gateway issues - can't ping certain hosts on attached network
Our network is set up like this:
Internet ---[x.x.x.x] gw/firewall 1 [10.5.1.5] --- 10.5.0.0 network --- [10.5.1.40] cisco gw2 [89.80.89.100] --- 89.80.89.0 network
The gw1/firewall is a WatchGuard Technologies Firebox. The Cisco gw2 is a 10Mbit Cisco 1600 series router.
Most machines on the 89.80.89.0 network can see everything in the 10.5.0.0 network great, including the firebox (10.5.1.5), most machines being Windows NT/2000 and HPUX.
However, we have two Red Hat 9 machines that can't ping 10.5.1.5 most of the time, and can sometimes. The route seems to come and go. All the machines have a default gateway of 89.80.89.100.
I think the problem is that the machines on 10.5.0.0 can't send a reply. Their default gateway is 10.5.1.5.
The 10.5.1.5 gw has this entry in its routing table:
net 89.80.89.0/16 (it won't let them put in /24 strangely) 10.5.1.40
It can ping 89.80.89.37 (NT Server) and 89.80.89.27 (HPUX 11) but can't ping 89.80.89.28 (RH 9). It also can't ping 89.80.89.100 (our end of the Cisco router).
They have to add a direct host route to be able to reach the Linux box:
89.80.89.28 gw 10.5.1.40
This is added to the firebox, and then any machine on 10.5.0.0 can ping Linux just fine! They have to add another entry to be able to ping 89.80.89.100
Why is this? Why doesn't the initial network route on 10.5.1.5 send them over here? What is going on? Any ideas?
Any computer in 10.5.0.0 can have the route added:
89.80.89.0 netmask 255.255.255.0 gw 10.5.1.40
and that computer can see any of our machines (including Linux) but the gateway won't do that...
Thanks for any insights!
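
Added example, not part of the original post: a longest-prefix-match lookup over the firebox routing entries quoted above, showing how a standard prefix parser reads `89.80.89.0/16` and which entry is selected for each host mentioned. The default route's next hop (`internet`) and the /16 mask on the 10.5.0.0 network are assumptions; the post does not give them.

```python
import ipaddress

# Firebox (10.5.1.5) routes as quoted in the post. Assumptions, not from the
# page: the default route's next hop ("internet") and the 10.5.0.0 mask (/16).
FIREBOX_ROUTES = [
    ("0.0.0.0/0", "internet"),
    ("10.5.0.0/16", "direct"),
    ("89.80.89.0/16", "10.5.1.40"),   # written exactly as in the post
]
HOST_ROUTE = ("89.80.89.28/32", "10.5.1.40")  # the workaround entry

def build_table(entries):
    """Parse entries, masking off host bits the way a prefix lookup does."""
    table = []
    for prefix, hop in entries:
        net = ipaddress.ip_network(prefix, strict=False)
        table.append({"net": net, "hop": hop, "as_written": prefix,
                      "host_bits_set": str(net) != prefix})
    return table

def lookup(table, dest):
    """Return (matching network, next hop) by longest prefix, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in table if addr in r["net"]]
    if not matches:
        return None
    best = max(matches, key=lambda r: r["net"].prefixlen)
    return str(best["net"]), best["hop"]

def main():
    table = build_table(FIREBOX_ROUTES)
    for r in table:
        if r["host_bits_set"]:
            print(f'{r["as_written"]} is evaluated as {r["net"]}')
    hosts = ["89.80.89.37", "89.80.89.27", "89.80.89.28", "89.80.89.100"]
    for h in hosts:
        print("network route only:", h, "->", lookup(table, h))
    table = build_table(FIREBOX_ROUTES + [HOST_ROUTE])
    print("with host route:   ", "89.80.89.28", "->", lookup(table, "89.80.89.28"))

if __name__ == "__main__":
    main()
```

Under plain longest-prefix matching the /16 entry covers all of 89.80.0.0 through 89.80.255.255, including every host named in the post, and the /32 host route simply takes precedence for 89.80.89.28 once it is added.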