Issue with routing ASA 7.2

Unanswered Question
Apr 1st, 2007

Dear All,

I facing an issue with routing in ASA 7.2, there is static route I want to remove it but, I could not

When I'm doing sh routes it shows the route (S 10.*.*.* [1/0] via 10.*.*.*, outside ) --> "this is the one I want to remove "

And when I'm doing sh run route it doesn?t appear there as it's static route!

note that we are not doing dynamic routing.

Please advice me on way to remove this route without affecting the other routes.

Many thanks ,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
David White Mon, 04/02/2007 - 09:00

Hi aalshammari,

Can you include your full version, and also the outputs of the show commands as well as the output when you attempt to remove the route. (You can modify the IPs if necessary - I just want to see what you are typing and the response from the firewall).



aalshammari Tue, 04/03/2007 - 22:12

Thanks dwhitejr,

I came to know this is known bug in this ASA 7.2 version

See below

Release Notes


Under ceratin conditions, a static route can be created that cannot be removed


An ASA running 7.2.2 can create a static route which cannot be removed. The

ASA has no matching IPSec SA for this entry and the route itself is not added

by the user



Further Problem Description:

A static route can be created on an ASA for which there is IPSec SA and there is

not a route entry which was created by the user. When the route itself is attempted to

be removed, the ASA will report "ERROR: No matching route entry found":

asa(config)# no route outside

ERROR: No matching route entry found

asa(config)# sho route | inc 192.168.192.

S [1/0] via, outside

David White Wed, 04/04/2007 - 05:37

Hi aalshammari,

Indeed, I ran across CSCsh49542 yesterday, and was going to post back but you beat me to the punch :-)

Glad you found your answer. Just as an FYI, the route is installed in the routing table via RRI, which is why it cannot be deleted with the 'no route' command.



Anonymous (not verified) Fri, 09/28/2007 - 07:02

Does this include version 7.0(6) as well?

Anonymous (not verified) Fri, 09/28/2007 - 07:02


This Discussion