Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static Route entry in asa 5505

Hello:

I have pre configured a asa 5505 for internet and the problem I am having is when I run show route command my static route statement is missing from screen, even though when I run show conf I can see my default route in the asa configuration. I have deleted and readded the route entry and still no show. Am I missing something? Software version is 7.2(3) and this is brand new asa

If any body seen this problem please let me know, this is holding up the roll out.

Thanks.

18 REPLIES

Re: Static Route entry in asa 5505

show the output

sh run

sh route

New Member

Re: Static Route entry in asa 5505

I have done this, sh run indicates that a

static route exists as default route in my configuration

but when I run sh route the static route does not exist, it only show connected route.

Any idea on this?

Re: Static Route entry in asa 5505

i believe it might be a bug in version 7.2(3)

see this link for open Caveats for 7.2(3) http://www.cisco.com/en/US/docs/security/asa/asa72/release/notes/asarn723.html#wp260914

New Member

Re: Static Route entry in asa 5505

I have checked the caveats in 7.2(3) it only shows that directly conencted route will be missing for the route table, exactly reverse of this problem I am having.

Any solution to this?

Re: Static Route entry in asa 5505

have you tried adding the static route using ASDM?

New Member

Re: Static Route entry in asa 5505

Yes I have tried ASDM, CLI, saving the config

and reload. No luck. This should be a very simple case, adding the route and saving the config. When I attach the asa to the internet I can not go anywhere because of this problem, since there is no default route.

This is amazing so far?

Re: Static Route entry in asa 5505

i would upgrade to the next code or version 8 and give it a go. shouldn't take you long to upgrade.

New Member

Re: Static Route entry in asa 5505

Do you suggest that:

Should I go to 7.2(4) or straight to 8.0(3)?

Thanks.

Re: Static Route entry in asa 5505

i have used Version 8.0(2) including ASDM 6.(2) for a while now in production and no problems at all. not sure about 8.3.

give 8.0(2 a go.

New Member

Re: Static Route entry in asa 5505

Thanks I will try 8(2), but this is still mystery to me!

New Member

Re: Static Route entry in asa 5505

If any body has any idea on this, I even upgraded to 8.0(2) and asdm and still no go.

what am I missing from this asa?

Re: Static Route entry in asa 5505

Farshid,

please upload your config.

send us show version

and also your static route entry you are typing under CLI

New Member

Re: Static Route entry in asa 5505

I am still working on this.

Here is my config, very simple.

Result of the command: "sh version"

Cisco Adaptive Security Appliance Software Version 8.0(3)

Device Manager Version 6.0(3)

Compiled on Tue 06-Nov-07 22:59 by builders

System image file is "disk0:/asa803-k8.bin"

Config file at boot was "startup-config"

paasa up 10 mins 19 secs

Hardware: ASA5505, 256 MB RAM, CPU Geode 500 MHz

Internal ATA Compact Flash, 128MB

BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)

Boot microcode : CN1000-MC-BOOT-2.00

SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.01

IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04

0: Int: Internal-Data0/0 : address is 001d.7071.184a, irq 11

1: Ext: Ethernet0/0 : address is 001d.7071.1842, irq 255

2: Ext: Ethernet0/1 : address is 001d.7071.1843, irq 255

3: Ext: Ethernet0/2 : address is 001d.7071.1844, irq 255

4: Ext: Ethernet0/3 : address is 001d.7071.1845, irq 255

5: Ext: Ethernet0/4 : address is 001d.7071.1846, irq 255

6: Ext: Ethernet0/5 : address is 001d.7071.1847, irq 255

7: Ext: Ethernet0/6 : address is 001d.7071.1848, irq 255

8: Ext: Ethernet0/7 : address is 001d.7071.1849, irq 255

9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255

10: Int: Not used : irq 255

11: Int: Not used : irq 255

Licensed features for this platform:

Maximum Physical Interfaces : 8

VLANs : 3, DMZ Restricted

Inside Hosts : Unlimited

Failover : Disabled

VPN-DES : Enabled

VPN-3DES-AES : Enabled

VPN Peers : 10

WebVPN Peers : 2

Dual ISPs : Disabled

VLAN Trunk Ports : 0

AnyConnect for Mobile : Disabled

AnyConnect for Linksys phone : Disabled

Advanced Endpoint Assessment : Disabled

This platform has a Base license.

Thanks.

New Member

Re: Static Route entry in asa 5505

Here is the show route command:

Result of the command: "sh route"

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR

P - periodic downloaded static route

Gateway of last resort is not set

C 127.1.0.0 255.255.0.0 is directly connected, _internal_loopback

C 10.254.254.0 255.255.255.0 is directly connected, inside

Re: Static Route entry in asa 5505

I think your outside interface is down.

show the output

sh int vlan 2

sh int e0/0

Re: Static Route entry in asa 5505

your outside interface is missing. check and make sure the outside interface is active, if not your static routes will not appear.

also why are u using vlan interfaces? is this a requirments?

New Member

Re: Static Route entry in asa 5505

Hi:

Here is silly question, does the static route only show when it is connected to the wna port?

What do you mean using vlan interfaces, this is the default config which I started using?

Thanks.

Re: Static Route entry in asa 5505

you can see your static route in the output of "sh route" command when one of the ports, associated with outside vlan is active "up".

351
Views
0
Helpful
18
Replies