
Problems with tunneled route on ASA 5510

Hi everyone,

I have a little routing issue with an ASA 5510. This device has two Internet connections, one for browsing and the other for remote VPN clients and a L2L VPN. I put a static route for the peer of the L2L VPN and all seems to work fine.

Two days ago I noticed that remote VPN clients didn't establish the connection (fail reason: remote peer not responding). After some troubleshooting I saw that it was a routing issue (the VPN connection response from the ASA was sent to the wrong link). I put one static route to the IP address of the remote VPN client and it worked fine. Because this was not a smart solution, I searched and found that an ASA appliance can have one default route for the normal traffic and another for the encrypted traffic that terminates on the equipment. So I declared these two lines in the ASA configuration:

route INTERNET 0 0 x.x.x.x

route VPNLINK 0 0 y.y.y.y tunneled

After that, I ran a test but it did not work. I do not have the IP verify reverse path feature enabled (this makes a tunneled route fail). Am I missing some configuration task here? Anything else to enable/disable?


P.S.: If I execute sh route I see two default routes, one for Internet with metric 1, and the other for tunneled traffic with metric 255.