ASA 5510 static routes

Unanswered Question
Mar 26th, 2009

Good day to all.. Problem:

asa5510(config)# sh route

S 192.168.2.0 255.255.255.0 [1/0] via 195.xx.xx.xx, outside

S 10.1.1.0 255.255.255.0 [1/0] via 10.2.2.1, inside

S 192.168.1.0 255.255.255.0 [1/0] via 195.xx.xx.xx, outside

S* 0.0.0.0 0.0.0.0 [1/0] via 195.xx.xx.xx, outside

asa5510(config)# sh run | i route

route outside 0.0.0.0 0.0.0.0 195.xx.xx.xx 1

route inside 10.1.1.0 255.255.255.0 10.2.2.1 1

route inside 192.168.1.0 255.255.255.0 10.2.2.1 1

What is the route to 192.168.2.0 is STATIC(!)? And why 192.168.1.0 routes to outside interface?

Also, if I send command like as route inside 192.168.2.0 255.255.255.0 10.2.2.1, asa's answer ERROR: Cannot add route entry, conflict with existing routes. If I send command no route ouside 192.168.2.0 255.255.255.0 195.xx.xx.xx, asa's answer %No matching route to delete

Any ideas?

Software Version 8.0(4).

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.alekseev Thu, 03/26/2009 - 23:07

I may suppose that you have configured RRI (reverse route injection)

Daniil Yanov Thu, 03/26/2009 - 23:42

There is a base (factory-defaults) config. I have added only a static routes.

Daniil Yanov Fri, 03/27/2009 - 00:18

I think the same as you, that if I reload ASA, problem will gone. But I can't to do this right now.

I'm trying to reload it on weekends. But any replies how to fix it without reload are welcome.

Renato Morais Thu, 12/09/2010 - 05:49

Try the following commands:

route outside 192.168.2.0 255.255.255.0 195.xx.xx.xx

no route outside 192.168.2.0 255.255.255.0 195.xx.xx.xx

clamasters Thu, 12/09/2010 - 13:24

I have seen some issues before, not exactly with 5510 but with other ASA's where when you factory reset your config, it'll sometimes make inside security 0 and outside security 100, effectively reversing the interfaces.  This could be the cause. 

Actions

This Discussion