12-06-2013 08:05 AM - edited 03-11-2019 08:14 PM
VPN-ASA5505# sh route inside
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is <IP address> to network 0.0.0.0
S 172.16.55.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 192.168.174.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.1.43.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.1.32.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.225.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.35.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.8.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.9.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.10.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.12.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.2.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.160.0.0 255.255.0.0 [1/0] via 10.161.0.1, inside
C 10.161.0.0 255.255.0.0 is directly connected, inside
S 10.162.7.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.30.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.19.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.20.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.21.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.110.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.99.0 255.255.255.0 [1/0] via 10.161.0.1, inside
S 10.162.95.0 255.255.255.0 [1/0] via 10.161.0.1, inside
VPN-ASA5505#
VPN-ASA5505#
VPN-ASA5505# sh route outside
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is <IP address> to network 0.0.0.0
S 10.92.1.1 255.255.255.255 [1/0] via <IP address>, outside
C <IP address> 255.255.255.224 is directly connected, outside
S* 0.0.0.0 0.0.0.0 [1/0] via <IP address>, outside
VPN-ASA5505#
VPN-ASA5505#
VPN-ASA5505# sh run | incl route
route outside 0.0.0.0 0.0.0.0 <IP address> 1
route inside 10.1.32.0 255.255.255.0 10.161.0.1 1
route inside 10.1.43.0 255.255.255.0 10.161.0.1 1
route inside 10.160.0.0 255.255.0.0 10.161.0.1 1
route inside 10.162.2.0 255.255.255.0 10.161.0.1 1
route inside 10.162.7.0 255.255.255.0 10.161.0.1 1
route inside 10.162.8.0 255.255.255.0 10.161.0.1 1
route inside 10.162.9.0 255.255.255.0 10.161.0.1 1
route inside 10.162.10.0 255.255.255.0 10.161.0.1 1
route inside 10.162.12.0 255.255.255.0 10.161.0.1 1
route inside 10.162.19.0 255.255.255.0 10.161.0.1 1
route inside 10.162.20.0 255.255.255.0 10.161.0.1 1
route inside 10.162.21.0 255.255.255.0 10.161.0.1 1
route inside 10.162.30.0 255.255.255.0 10.161.0.1 1
route inside 10.162.35.0 255.255.255.0 10.161.0.1 1
route inside 10.162.95.0 255.255.255.0 10.161.0.1 1
route inside 10.162.99.0 255.255.255.0 10.161.0.1 1
route inside 10.162.110.0 255.255.255.0 10.161.0.1 1
route inside 10.162.225.0 255.255.255.0 10.161.0.1 1
route inside 172.16.55.0 255.255.255.0 10.161.0.1 1
route inside 192.168.174.0 255.255.255.0 10.161.0.1 1
VPN-ASA5505#
Solved! Go to Solution.
12-06-2013 08:16 AM
Hello,
From Reverse Route Injection VPN I guess
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
12-06-2013 08:16 AM
Hello,
From Reverse Route Injection VPN I guess
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
12-06-2013 08:18 AM
But wouldn't that being configured show up in the configuration? I don't see reverse route injection anywhere... What does the command look like?
12-06-2013 08:28 AM
Hello,
Show run | include reverse-route
10.92.1.1 belongs to which IP address pool? REmote IPsec users or Anyconnect?
Anyconnect by default has RR with no configuration needed
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
12-06-2013 08:29 AM
VPN-ASA5505# sh run | incl reverse-route
VPN-ASA5505#
I am guessing it's Anyconnect. Not sure how to tell that,either.... #FirewallNovice....
12-06-2013 08:33 AM
Hello,
Check if you have enabled webvpn.
That's the answer right there
Bud remember to rate all of the helpful posts
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
12-06-2013 08:38 AM
That would be yes. Thanks.
VPN-ASA5505# sh run | incl webvpn
webvpn
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
webvpn
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
webvpn
tunnel-group AnyConnect webvpn-attributes
12-06-2013 08:47 AM
sure man
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: