cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
930
Views
7
Helpful
4
Replies

Is there a way to see your ASA's backup DEFAULT route?

rweir0001
Level 1
Level 1

Hi,

We have SLA monitoring set up to ping a Google DNS server with the IP address of 8.8.4.4. We also have a default route pointing to the next hop of our primary ISP. If that primary ISP failed then we would want traffic to fail over to the secondary ISP on our outside2 interface. This SLA Monitor was configured before my time with the company, and the primary ISP never fails, so I'm not sure if a backup default route to the secondary ISP was ever configured and added to the SLA Monitor. I really can't shut down the outside interface for our primary ISP to test, so is there any way to check the CLI or the ASDM of an ASA5510 to see if the backup DEFAULT route is configured. From my understanding, you can only ever see this backup DEFAULT route if the primary fails. I hope I'm wrong because I would love to find a way to see if that backup DEFAULT route even exists. Also, what are the best practices for an SLA Monitor? Should I point it to the next hop for our primary ISP, or is the Google DNS server it is pointed to now sufficient? 

Does anyone know the answer to this?

Rick

1 Accepted Solution

Accepted Solutions

Syed Taukir
Level 1
Level 1

You can see the backup default route with "show run | in route". As you have IP Sla, you would have a backup route with a higher A.D.

You can check with "show asp table routing"

View solution in original post

4 Replies 4

Syed Taukir
Level 1
Level 1

You can see the backup default route with "show run | in route". As you have IP Sla, you would have a backup route with a higher A.D.

You can check with "show asp table routing"

Thanks, Syed. That was excatly what I was looking for.

As Syed mentioned, you can check the backup default route with "show run | in route".

If you want to verify your configuration and also want to have a look at some "show" commands,

this link can be handy:

http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/70559-pix-dual-isp.html

Regards,

Pulkit Saxena

Thanks!

Review Cisco Networking for a $25 gift card