I was a bit confused today as I saw a “wrong” route entry in the config of an SSG firewall. The route had not the correct “network/netmask” notation but a “host-address/netmask-of-the-network” notation. However, the SSG autocorrected this false route entry to the correct subnet id in its routing table.
The case was to create a route to the network “10.0.0.160/28″. However, the entry was falsified set to “10.0.0.165/28″, i.e., a wrong network address. This command (issued through NSM) was placed in the config of the SSG:
set route 10.0.0.165/28 interface ethernet0/6 gateway 172.16.1.99
However, the SSG autocorrected this entry to the correct subnet id, as the “get route” command revealed:
* 100 10.0.0.160/28 eth0/6 172.16.1.99 S 20 1 Root
The GUI showed the correct destination routing, too:
Anyway, I decided to correct the route in the NSM to the right one. 