08-11-2007 11:08 PM - edited 03-11-2019 03:56 AM
Our border router is sending a default route only but our ASA is not learning the route. We have run debugs and we have verified that it is being seen by the ASA but the route is not being installed in the routing table. Any ideas?
08-12-2007 09:47 AM
John, it is hard to tell without seeing the configs between asa and border router.., please post configs for forum to see and help.
08-12-2007 07:45 PM
Ooops here is my config hope it is enough. It also show the debug for both the border router and the ASA.
Border Router RIP Config
!
!
router rip
version 2
redistribute bgp 65002 metric 1 route-map DEFAULT_ONLY
passive-interface ATM1/0.1
passive-interface ATM1/0.2
passive-interface GigabitEthernet2/0
network 192.168.200.0
!
!
route-map DEFAULT_ONLY permit 10
match ip address 10
!
access-list 10 permit 0.0.0.0
debug on border router
Aug 12 22:27:59.731 cdt: RIP-DB: redist 0.0.0.0/0(metric 0) to RIP
Aug 12 22:27:59.731 cdt: RIP-DB: adding 0.0.0.0/0 (metric 1) via 204.147.83.189
on GigabitEthernet2/0 to RIP database
Aug 12 22:28:10.615 cdt: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0
(192.168.200.49)
Aug 12 22:28:10.615 cdt: RIP: Update contains 1 routes
Aug 12 22:28:10.615 cdt: RIP: Update queued
Aug 12 22:28:10.615 cdt: RIP: Update sent via FastEthernet0/0
ASA config
router rip
network 192.168.200.0
passive-interface dmz1
passive-interface inside
passive-interface intersite
version 2
no auto-summary
!
debug on ASA:
RIP: received v2 update from park-scrn-rtr-i on outside
0.0.0.00.0.0.0 via 0.0.0.0 in 1 hops
RIP: Update contains 1 routes
!
route outside 0.0.0.0 0.0.0.0 park-scrn-rtr-i 99
route intersite 0.0.0.0 0.0.0.0 172.31.254.242 100
access-list outside_access_in extended permit udp any eq rip interface outside eq rip
access-list outside_access_in extended permit udp any eq rip host ASA-1-Outside-Int eq rip
08-12-2007 08:01 PM
you already have two default routes on your asa device, both with administrative distances lower than RIP.
Can you explain what you're trying to accomplish?
08-12-2007 08:06 PM
Notice the metric though. As soon as the dynamic rip route shows up with a metric of 1 it should in theory take over or trump these routes. It work that why with the PIX anyway. So I'm making some assumptions.
08-12-2007 08:08 PM
a metric is different than administrative distance. The assigned RIP metric doesn't matter be/c the the other default routes with lower AD's are matched first in the selection process to see which routes go into the routing table.
08-12-2007 08:31 PM
Ok it must of worked a bit different than how we had it in the pix. Or I probably looked at it incorrectly I will have to look at the config for the pix again.
What I did was moved both static defaults to what the ASA calls METRIC in ASDM under configuration,device setup, static routes to 122 and 121 and then I started learning the route from RIP. Verified this by going to Monitoring, Routing, Routes here it does show both AD/Metric which makes sense to me. The ASDM gui was makeing me question METRIC. They should probably change this in the GUI. Workin now. Thanks for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide