ASA, RIP, Default Gateway and Switch


I have the following network setup: ASA1 connected to a 4.5MB Internet line, ASA2 connected to a 1.5Mb Internet line, and a switch with multiple VLANs acting as a Layer 3 router. ASA1, ASA2 and the switch all sit on the same VLAN. I have RIP set up so ASA1 and ASA2 know how to get to all the VLANs on the switch. That part seems to be working OK.

The issue I have: I would like to have ASA1 redistribute itself as the default route into RIP and, if possible, have ASA2 redistribute into RIP as a second gateway with a higher metric. The problem I am having is that the switch is showing ASA2 as the default route in the routing table from RIP, and I am unsure why the switch is picking ASA2 over ASA1.

FYI, ASA2 is also redistributing two L2L VPNs as well and that is working correctly. I have accomplished the L2L distribution by having ASA2 redistribute static. On the switch, the L2L IPs show up appropriately. The switch I am using is an HP ProCurve 5304 (it operates much like a Catalyst; in fact most of the commands are the same).

The only way I can direct traffic to ASA1 is by setting a default gateway to ASA1, but obviously that is not what I want to do. I would like to have everything distributed via RIP. Am I crazy in what I want to accomplish? Any ideas why the switch would be picking ASA2 over ASA1? FYI, I have tried the default-information originate command on ASA1 but it didn't seem to have any effect. Also, when I debug RIP on the switch, I see ( is ASA1)

RIP Rx Process routes from circuit version 2

RIP Route Mask NextHop Cost 1

Marwan ALshawi Mon, 08/18/2008 - 21:30

Does your switch support route-map?

If yes, you can create a route map as in Cisco, like the following:

route-map rip-map permit 10

set metric 10

Then apply it on the interface connected to ASA2 in the inbound direction. In that case the routes from ASA2 will have a higher metric and ASA1 will be chosen as the preferred path.

Or you can make the communication between ASA1 and ASA2 and the switch go through static routes only,

and on the switch just redistribute the static routes into your RIP.

In the static routes on the switch, give the static routes going to ASA2 a higher metric,

like in Cisco:

ip route [destination] [mask] [next hop] [metric]

Make the metric 5, for example, for the route going to ASA2.

But in this case you need a static route entry on each ASA for every VLAN network pointing to the switch.

Good luck

please, if helpful Rate
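
The metric adjustment suggested in the reply above, as an added example that is not part of the original thread: a simplified model of the RFC 2453 route update rule, showing that two default routes received at equal cost leave the choice to arrival order, while a higher inbound metric on ASA2's advertisements makes ASA1 win in either order. The gateway addresses and the `inbound_offset` parameter are assumptions made for illustration; timers and the RFC's equal-metric timeout heuristic are omitted.

```python
# Added example: simplified RFC 2453 (RIPv2) update rule for one prefix.
# Gateway addresses are constructed documentation values, not from the thread.
INFINITY = 16
DEFAULT = "0.0.0.0/0"
ASA1, ASA2 = "192.0.2.1", "192.0.2.2"


class RipTable:
    def __init__(self, inbound_offset=None):
        # inbound_offset: {neighbor: metric added to everything it advertises}
        self.inbound_offset = inbound_offset or {}
        self.routes = {}  # prefix -> (next_hop, metric)

    def receive(self, neighbor, prefix, advertised_metric, link_cost=1):
        """Apply one received route entry (timers and hold-down omitted)."""
        offset = self.inbound_offset.get(neighbor, 0)
        metric = min(advertised_metric + link_cost + offset, INFINITY)
        current = self.routes.get(prefix)
        if current is None:
            if metric < INFINITY:
                self.routes[prefix] = (neighbor, metric)
        elif current[0] == neighbor:
            # Update from the gateway already in use: always follow it.
            if metric < INFINITY:
                self.routes[prefix] = (neighbor, metric)
            else:
                del self.routes[prefix]
        elif metric < current[1]:
            # A different gateway replaces the route only if strictly better.
            self.routes[prefix] = (neighbor, metric)


def chosen_gateway(arrival_order, inbound_offset=None):
    """Return (next_hop, metric) for the default route after all updates."""
    table = RipTable(inbound_offset)
    for neighbor in arrival_order:
        table.receive(neighbor, DEFAULT, advertised_metric=1)
    return table.routes[DEFAULT]


if __name__ == "__main__":
    for order in ([ASA2, ASA1], [ASA1, ASA2]):
        print("equal cost:", order, "->", chosen_gateway(order))
        print("ASA2 +10:  ", order, "->", chosen_gateway(order, {ASA2: 10}))
```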

