Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

HSRP und Default-Route


uhm, I knoe this is a really strange question, but you know .. ;)

Let's assume I have a host (IP and wo router doing HSRP (phy and .202, HSRP-address is .200).

The host is configured with a default-gateway to the hsrp-address The HSRP-routers have a default-route configured to a firewall with the IP-address

strange setup, I know.

But, will this work? My first answer was no and I checked it in the lab and it didn't work.

Anyone knowing why? Or does it work?

Thanks a lot for any clarification.



New Member

Re: HSRP und Default-Route

It depends if the FW, router, and client are on the same subnet. If on the same subnet, than why not make the FW the default gateway?

Cisco Employee

Re: HSRP und Default-Route

This is normal behavior. The active HSRP router will forward the packets back the same interface they were received towards the FW. Usually an ICMP redirect would be sent to the originating workstation to let it know that there is a better path on the same subnet but configuring HSRP disables the ICMP redirect for the particular subnet on which it is configured.

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
México móvil: +52 1 55 8312 4915
Cisco México 
Paseo de la Reforma 222 Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600

Re: HSRP und Default-Route

I have a similar configuration running in my network: Two HSRP routers with a FW as default gateway and network hosts with HSRP standby ip address as deafult gateway. It works fine. The only difference is both routers are IOS Catalysts 6500.

So please check your config.

P.S: My Catalysts use the command 'ip route A.B.C.D' to set default-gateway


New Member

Re: HSRP und Default-Route

do you have the host, the hsrp-routers and the firewall in the same network?

i set the default-gateway the way you did. are you using a fancy hsrp-config?




Re: HSRP und Default-Route

Yes, all they are in the same network.

I don't know what means fancy hsrp-config, but I'll tell you something about my config:

- In Catalysts IP and HSRP config is done under every 'interface VlanX' configuration. For config HSRP I use

interface Vlan1

ip add A.B.C.D mask

no ip redirects

standby 1 ip X.X.X.X

standby 1 priority 150

standby 1 preempt

where X.X.X.X is default-gateway for network hosts

and the same in the other Catalyst but wothout 'priority' and 'preempt' commands and, of course, different ip interface address (like your config).

- We're running OSPF (one area) in this backbone. All ip addresses fall in this OSPF area. OSPF and static routing configuration is identical for both Catalysts.

I'd recommend you to do some 'tracert' tests from your host to see where is the problem. This could be a good start point for troubleshooting.