cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
763
Views
0
Helpful
3
Replies

ASA SLA route lookup failure

Darren Sasso
Level 1
Level 1

Odd problem when configuring SLA on an ASA, i keep getting route lookup failure when trying to ping an remote host across an IPSEC tunnel.  I've tried the below utilizing both the inside and outside interfaces but both fail.  The ping from the ASA is successful which is confusing.  I've masked the IP's.  

sla monitor 1
type echo protocol ipIcmpEcho x.x.x.x interface outside
frequency 5
sla monitor schedule 1 life forever start-time now

sla monitor 2
type echo protocol ipIcmpEcho x.x.x.x interface inside
frequency 5
sla monitor schedule 2 life forever start-time now

 %ASA-6-110003: Routing failed to locate next hop for icmp from NP Identity Ifc:x.x.x.x/0(inside interface of ASA) to inside:x.x.x.x/0(remote system i'm trying to ping)

Successful ping:

FW01# ping inside x.x.x.x
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to x.x.x.x, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/44/50 ms

Thoughts or suggestions would be appreciated.

3 Replies 3

Akshay Rastogi
Cisco Employee
Cisco Employee

Hi Darren,

Could you please share the output of 'show route' and 'show run route',

Regards,

Akshay Rastogi

Issue has been resolved.

I had to add the remote FW IP as interesting traffic which worked.

Thanks.

Hello Darren,

 

I have an exatly same issue so could i ask you to clarify what does it mean that you add remote FW ip as interesting traffic?

 

Thanks.

Review Cisco Networking for a $25 gift card