11-11-2009 07:27 AM - edited 03-11-2019 09:38 AM
Hi everyone!
Weird problem on a PIX515 with 7.2.4: adding the "route inside 0.0.0.0 0.0.0.0 <gw> tunneled" fails.
See below:
PIX-1# sh run | inc route
route outside 0.0.0.0 0.0.0.0 x.x.x.x
route inside InternalNets 255.0.0.0 10.255.x.1 1
route inside 192.168.0.0 255.255.0.0 10.255.x.1 1
PIX-1# conf t
PIX-1(config)# route inside 0.0.0.0 0.0.0.0 10.255.x.1 tunneled
ERROR: Cannot add route entry, conflict with existing routes
Any ideas?
Thanks!
11-11-2009 07:52 AM
it's because you are using a inside interface in the tunneled route and outside interface for the default route.
Check this link:
http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/ip.html#wp1047900
11-11-2009 08:03 AM
What is he doing should work just fine. I use it on a few ASA's myself.
11-11-2009 08:05 AM
Hi Vikram,
I'm doing the same thing in an ASA:
route outside 0.0.0.0 0.0.0.0 y.y.y.y 1
route inside 10.0.0.0 255.0.0.0 10.5.x.x 1
route inside 0.0.0.0 0.0.0.0 10.5.x.x tunneled
Could it be a PIX/ASA difference? Something else? Same thing happens with 8.0.4 code as well.
Thanks!
11-11-2009 08:08 AM
Does it complain if you try adding the inside tunneled route first, then the outside route?
11-11-2009 08:12 AM
Hi,
Haven't tried that as we were accessing the PIX remotely via outside...
Will try to get someone to test it on-site for us.
11-11-2009 08:11 AM
are you saying it's working in ASA, if yes then we are only left with PIX/ASA difference.
what version are you running by the way.
11-11-2009 08:13 AM
Hi, I have a separate ASA5520 pair running 8.0.4 that is working fine with that configuration.
This particular scenario is another VPN headend, a single PIX515 running 7.2.x (same thing happened with 8.0.x code).
11-11-2009 09:09 AM
tried to lookup if there are any bugs, but no luck.
strange issue.
Not sure if a reboot would help.
11-15-2009 11:00 PM
would like to know if you managed to fix this issue.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: