cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
364
Views
0
Helpful
5
Replies

Issue with routing ASA 7.2

aalshammari
Level 1
Level 1

Dear All,

I facing an issue with routing in ASA 7.2, there is static route I want to remove it but, I could not

When I'm doing sh routes it shows the route (S 10.*.*.* 255.255.255.0 [1/0] via 10.*.*.*, outside ) --> "this is the one I want to remove "

And when I'm doing sh run route it doesn?t appear there as it's static route!

note that we are not doing dynamic routing.

Please advice me on way to remove this route without affecting the other routes.

Many thanks ,

5 Replies 5

David White
Cisco Employee
Cisco Employee

Hi aalshammari,

Can you include your full version, and also the outputs of the show commands as well as the output when you attempt to remove the route. (You can modify the IPs if necessary - I just want to see what you are typing and the response from the firewall).

Thanks,

David.

Thanks dwhitejr,

I came to know this is known bug in this ASA 7.2 version

See below

Release Notes

Symptom:

Under ceratin conditions, a static route can be created that cannot be removed

Conditions:

An ASA running 7.2.2 can create a static route which cannot be removed. The

ASA has no matching IPSec SA for this entry and the route itself is not added

by the user

Workaround:

None

Further Problem Description:

A static route can be created on an ASA for which there is IPSec SA and there is

not a route entry which was created by the user. When the route itself is attempted to

be removed, the ASA will report "ERROR: No matching route entry found":

asa(config)# no route outside 192.168.192.0 255.255.255.0 192.168.1.1

ERROR: No matching route entry found

asa(config)# sho route | inc 192.168.192.

S 192.168.192.0 255.255.255.0 [1/0] via 192.168.1.1, outside

Hi aalshammari,

Indeed, I ran across CSCsh49542 yesterday, and was going to post back but you beat me to the punch :-)

Glad you found your answer. Just as an FYI, the route is installed in the routing table via RRI, which is why it cannot be deleted with the 'no route' command.

Sincerely,

David.

Does this include version 7.0(6) as well?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: