Reverse-route injection on PIX 515 (6.3)

Unanswered Question
Mar 1st, 2008


I have a 515 PIX running version 6.3(4) which has 3 interfaces. One for the local network (inside), one for internet access (outside) and one for vpn tunnels.

The problem is that when i try to configure RRI i get:

crypto map mymap 1 set reverse-route

ERROR: unknown subcommand <reverse-route>

It is really annoying. Am I missing something?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
brettmilborrow Tue, 03/04/2008 - 07:10

PIX ver 6 does not support reverse route injection. You need to configure the routes manually. You need to specify a next hop on the network you wish to send the traffic to.

The traffic will not be routed to the address you specify, the command only allows the correct internal path for the traffic in order for the VPN subsystem on the PIX to recognize it and encrypt and forward on.

Hope that helps!


This Discussion