Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1256
Views
0
Helpful
3
Replies

RIP and Static Routes all mixed up

imanco671
Level 1
Level 1

‎11-11-2011 06:31 AM - edited ‎03-04-2019 02:14 PM

Hello Community,

I have a mess of my routes on my ASA and my L3 Catalyst Switch. I was wondering if someone can help me make sense of the mess.

I have RIP working between the L3 and ASA. All my other static routes lie on my L3 which are from tunnels, watchguard firewalls and sonicwalls. So RIP cannot be used on any of these other subnets. So I statically added them to the L3 and distributed them to the ASA.

So my problem is that I do not know which are being distributed (mainly b/c I do not know much of how RIP would handle them) and which networks should be handled by RIP. Maybe I have a network added to RIP that should not be added. Maybe there are duplicate routes. Sorry that I am all messed up and confused.

Sonicwall - 192.168.200.0

Watchguard - 192.168.202.0, 10.10.10.0

ASA - 192.168.210.0, 192.168.220.0 (DMZ)

L3 - is my internal router

Below is the output from my ASA:

router rip

network 192.168.210.0

network 192.168.220.0

passive-interface DMZ

version 2

no auto-summary

!

ciscodemo# sh route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route

Gateway of last resort is 173.xxx.xx.65 to network 0.0.0.0

R    192.168.104.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.151.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.105.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

C    192.168.210.0 255.255.255.0 is directly connected, inside

R    192.168.150.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.110.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

S    192.168.230.0 255.255.255.0 [1/0] via 192.168.210.222, outside

R    192.168.111.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

C    173.251.29.64 255.255.255.224 is directly connected, outside

R    192.168.214.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.200.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.98.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.5.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    192.168.202.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:25, inside

R    10.10.10.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

R    192.168.113.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

R    192.168.112.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

R    192.168.102.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

C    192.168.220.0 255.255.255.0 is directly connected, DMZ

R    192.168.103.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

R    192.168.155.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

R    192.168.154.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

R    192.168.3.0 255.255.255.0 [120/1] via 192.168.210.1, 0:00:01, inside

S*   0.0.0.0 0.0.0.0 [1/0] via 173.xxx.xx.65, outside

Here is my output from my L3:

router rip

version 2

redistribute static metric 1

network 10.0.0.0

network 192.168.200.0

network 192.168.202.0

network 192.168.210.0

network 192.168.220.0

no auto-summary

!

ip classless

ip route 10.10.10.0 255.255.255.0 10.10.10.222

ip route 192.168.3.0 255.255.255.0 192.168.200.254

ip route 192.168.5.0 255.255.255.0 192.168.200.254

ip route 192.168.98.0 255.255.255.0 192.168.200.254

ip route 192.168.102.0 255.255.255.0 192.168.200.254

ip route 192.168.103.0 255.255.255.0 192.168.200.254

ip route 192.168.104.0 255.255.255.0 192.168.200.254

ip route 192.168.105.0 255.255.255.0 192.168.200.254

ip route 192.168.110.0 255.255.255.0 192.168.200.254

ip route 192.168.111.0 255.255.255.0 192.168.200.254

ip route 192.168.112.0 255.255.255.0 192.168.200.254

ip route 192.168.113.0 255.255.255.0 192.168.200.254

ip route 192.168.150.0 255.255.255.0 192.168.200.254

ip route 192.168.151.0 255.255.255.0 192.168.200.254

ip route 192.168.154.0 255.255.255.0 192.168.200.254

ip route 192.168.155.0 255.255.255.0 192.168.200.254

ip route 192.168.200.0 255.255.255.0 192.168.200.254

ip route 192.168.202.0 255.255.255.0 192.168.202.222

arrouter#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

S    192.168.104.0/24 [1/0] via 192.168.200.254

S    192.168.151.0/24 [1/0] via 192.168.200.254

S    192.168.105.0/24 [1/0] via 192.168.200.254

C    192.168.210.0/24 is directly connected, Vlan5

S    192.168.150.0/24 [1/0] via 192.168.200.254

S    192.168.110.0/24 [1/0] via 192.168.200.254

S    192.168.111.0/24 [1/0] via 192.168.200.254

S    192.168.214.0/24 [1/0] via 192.168.200.254

C    192.168.200.0/24 is directly connected, Vlan4

S    192.168.98.0/24 [1/0] via 192.168.200.254

S    192.168.5.0/24 [1/0] via 192.168.200.254

C    192.168.202.0/24 is directly connected, Vlan3

     10.0.0.0/24 is subnetted, 1 subnets

C       10.10.10.0 is directly connected, Vlan2

S    192.168.113.0/24 [1/0] via 192.168.200.254

S    192.168.112.0/24 [1/0] via 192.168.200.254

S    192.168.102.0/24 [1/0] via 192.168.200.254

S    192.168.220.0/24 [1/0] via 192.168.210.222

S    192.168.103.0/24 [1/0] via 192.168.200.254

S    192.168.155.0/24 [1/0] via 192.168.200.254

S    192.168.154.0/24 [1/0] via 192.168.200.254

S    192.168.3.0/24 [1/0] via 192.168.200.254

Thanks for taking a look and helping me!!!

Please let me know if you need any more info from me

John

dmz2.jpg

Labels:
0 Helpful
3 Replies 3

acomiskey
Level 10
Level 10

‎11-11-2011 09:14 AM

John, perhaps you could rephrase what the issue is exactly, you may get more help. As it appears, it looks like you accomplished what you wanted to do, which was to tell the ASA how to get the the networks on the other side of the l3 switch.

0 Helpful

imanco671
Level 1
Level 1
In response to acomiskey

‎11-11-2011 09:49 AM

Sure, I definately need to keep an eye on how I word things, I definately need to be more clear.

I want to verify my RIP configuration is correct, since my network deals with non-rip compliant firewalls.

Thanks

John

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to imanco671

‎11-12-2011 09:55 AM

Hi,

like acomiskey stated your static routes are distributed into rip as they appear as rip routes on the ASA.

But if these devices are not rip compliant, do they have static routes to the subnets on the other side of the router.

I think this is what you must verify by first looking at their routing table then testing end-to-end connectivity with pings.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card