no route msg from log

Unanswered Question
Feb 10th, 2007


I am getting this message from PIX log " %PIX-6-110001: No route to from" when I tried pinging Please correct me if i am wrong but I know that PIX is just passing traffic in/out and not routing traffic. Could it be the router sending out this message to the syslog? I am trying to figure out the routing solution.

Any suggestion would be apprecited.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Sat, 02/10/2007 - 13:19


From the pix error message doc:-


Error Message %PIX-6-110001: No route to dest_addr from src_addr

Explanation This message indicates a route lookup failure. A packet is looking for a destination IP address which is not in the routing table.

Recommended Action Check the routing table and make sure there is a route to the destination


The pix still has to do route lookups to work out where you send the traffic. Your pix is saying it doesn't know how to get to Check your routing table on the pix "sh route" and if there isn't a route there you need to add it eg:

route "interface" "next-hop"



georgecisco01 Sat, 02/10/2007 - 17:31


Thanks for your quick response.

I did try your suggestion by adding routing statement in my pix but to no avail and I am still getting the message. I must be missing something, I'll check the router side and see if I can find something.


Jon Marshall Sun, 02/11/2007 - 03:43


Could you send me some more details ie.

1) where is the host in relation to your pix interfaces eg is it on the inside, the outside etc.

2) Could you print off the pix routing table.


georgecisco01 Sun, 02/11/2007 - 06:05


thanks again.

I've attached a diag and pix rt that will picture the scenario.

L3 (2 vlan2) vlan1 (24.3/23) vlan2 (50.3/24)

Rtr 1 network(24.0/23) Rtr 2 network (30.0/24)

Pc (vlan2) ip: 50.51/24 gw:50.3/24

pc (vlan1) ip: 25.49/23 gw:24.3/23

I have no problem with 24.0/24 and 50.0/24 routing, both of them can talk to each other and have internet connection. I can ping successfully from 24.0 to 30.0,but when I tried pinging 30.0 network from a pc in 50.0 I got no response and this is where I will get the no route message from the log. I provided also a trace route result from vlan2 pc.

Thanks & Regards

Jon Marshall Sun, 02/11/2007 - 11:55


Which firewall are you getting this error message from - fw1 or fw2 ?

Looking at the routing table i'm assuming that is the inside interface on fw2.

These two firewalls are not running in failover mode. On your rtr1 router do you have a route for pointing to fw1 ?

If is your inside interface on rtr1 then i would expect the next hop from your traceroute to be rtr2. You have drawn a connection from rtr1 to rtr2 - is this an actual connection.


georgecisco01 Sun, 02/11/2007 - 15:40


1. error message was coming from fw2 per syslog.

2. is the inside interface of fw2 and 30.11 is one of the server in 30.0 network.

3. Two fw (1&2) are not in failover mode.however, fw1 do have a failvover with another pix.

4. Rtr1 has a route for pointing to rtr1 e2/0 interface and pingable from any subnet except 50.0/24.

5. The connection in the drawing is right for rtr1 to rtr2. an isp manage router is in the middle both sides. OSPF was used to redistribute the route.

6. Your right, is inside on rtr1 and next hop should be rtr2.

Hope this won't confuse you.


Jon Marshall Mon, 02/12/2007 - 00:34


Can you check your routing table on rtr2. Is there a routing entry that points the network to fw2 instead of back down the link to rtr1 ?


georgecisco01 Thu, 02/15/2007 - 07:13

Hi Jon,

Thank you very much for your time and attention. I finally figured it out. I had to advertised the subnet and applied access-list back to back and now 50.0/24 can ping the 30.0/24. I just have to apply the same concept on the other side so it can see 50.0/24.

Thanks again.


This Discussion