I have pre configured a asa 5505 for internet and the problem I am having is when I run show route command my static route statement is missing from screen, even though when I run show conf I can see my default route in the asa configuration. I have deleted and readded the route entry and still no show. Am I missing something? Software version is 7.2(3) and this is brand new asa
If any body seen this problem please let me know, this is holding up the roll out.
I have done this, sh run indicates that a
static route exists as default route in my configuration
but when I run sh route the static route does not exist, it only show connected route.
Any idea on this?
i believe it might be a bug in version 7.2(3)
see this link for open Caveats for 7.2(3) http://www.cisco.com/en/US/docs/security/asa/asa72/release/notes/asarn723.html#wp260914
I have checked the caveats in 7.2(3) it only shows that directly conencted route will be missing for the route table, exactly reverse of this problem I am having.
Any solution to this?
Yes I have tried ASDM, CLI, saving the config
and reload. No luck. This should be a very simple case, adding the route and saving the config. When I attach the asa to the internet I can not go anywhere because of this problem, since there is no default route.
This is amazing so far?
i have used Version 8.0(2) including ASDM 6.(2) for a while now in production and no problems at all. not sure about 8.3.
give 8.0(2 a go.
I am still working on this.
Here is my config, very simple.
Result of the command: "sh version"
Cisco Adaptive Security Appliance Software Version 8.0(3)
Device Manager Version 6.0(3)
Compiled on Tue 06-Nov-07 22:59 by builders
System image file is "disk0:/asa803-k8.bin"
Config file at boot was "startup-config"
paasa up 10 mins 19 secs
Hardware: ASA5505, 256 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.01
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Int: Internal-Data0/0 : address is 001d.7071.184a, irq 11
1: Ext: Ethernet0/0 : address is 001d.7071.1842, irq 255
2: Ext: Ethernet0/1 : address is 001d.7071.1843, irq 255
3: Ext: Ethernet0/2 : address is 001d.7071.1844, irq 255
4: Ext: Ethernet0/3 : address is 001d.7071.1845, irq 255
5: Ext: Ethernet0/4 : address is 001d.7071.1846, irq 255
6: Ext: Ethernet0/5 : address is 001d.7071.1847, irq 255
7: Ext: Ethernet0/6 : address is 001d.7071.1848, irq 255
8: Ext: Ethernet0/7 : address is 001d.7071.1849, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
VPN Peers : 10
WebVPN Peers : 2
Dual ISPs : Disabled
VLAN Trunk Ports : 0
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
This platform has a Base license.
Here is the show route command:
Result of the command: "sh route"
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 127.1.0.0 255.255.0.0 is directly connected, _internal_loopback
C 10.254.254.0 255.255.255.0 is directly connected, inside
your outside interface is missing. check and make sure the outside interface is active, if not your static routes will not appear.
also why are u using vlan interfaces? is this a requirments?
Here is silly question, does the static route only show when it is connected to the wna port?
What do you mean using vlan interfaces, this is the default config which I started using?