Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem with route on ASA

Dear all,

I would like to ask you about routing on ASA 5520.When i add command route on ASA it show message like this.

ASA(config)# route online 0.0.0.0 0.0.0.0 10.189.133.65

ERROR: Cannot add route entry, conflict with existing routes

I cannot find conflict route.

Best Regards,

Rechard_HK

6 REPLIES
Hall of Fame Super Blue

Re: Problem with route on ASA

Rechard

Could you post the ASA routing table please ?

Jon

New Member

Re: Problem with route on ASA

Dear Jon,

This is configuration.

Please see in the attach file.

Best Regards,

Rechard_hk

Hall of Fame Super Blue

Re: Problem with route on ASA

The conflicting route is

route outside 0.0.0.0 0.0.0.0 10.200.15.221 1

You cannot add 2 default routes. You can enter a more specific route eg.

route online 172.16.0.0 255.255.0.0 10.189.133.65

Note - the above is just an example. But you cannot have 2 entries for the same route ie.

0.0.0.0 0.0.0.0

Jon

New Member

Re: Problem with route on ASA

Dear Jon,

You mean on ASA not allow use many default route, right?Is it can use only one default route?this is the rule right?

Best Regards,

Rechard_hk

Hall of Fame Super Blue

Re: Problem with route on ASA

Rechard

Apologies i should have been more specific. You can multiple default-routes with the same cost but they must go out the same interface - see link for more details:

http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/ip.html#wp1047894

You can also have 2 default-routes with unequal cost ie.

route outside 0.0.0.0 0.0.0.0 10.200.15.221 1

You could then add your other default route with an admin distance higher than 1

route online 0.0.0.0 0.0.0.0 10.189.133.65 2

Note the number at the end of the route statements ie. 1 in your first statement and 2 in the second statement. The ASA will always use the route with an AD of 1.

Jon

New Member

Re: Problem with route on ASA

Dear Jon,

Thanks you for your help,

Could i ask you one more question?

i would like to continuous as question above so i had ASA 5520 and i did configure VPN site to site. interface gi0/0 is outside, g0/1 is inside and gi 0/2 is online.

Interface outside and Online for VPN interface. so we i configure already is ok, but next to day it doesn't work( i mean it ont stable).Could you help me to check configuration on ASA as in the attach file.

Best Regards,

Rechard_HK

2259
Views
0
Helpful
6
Replies