cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Bookmark
|
Subscribe
|
463
Views
0
Helpful
2
Replies

Static routes over IPSec not running after router reboot

David Lee
Level 1
Level 1

Hello all,

Quick question.  I have a Cisco 1921 running 15.3.  I have 5 static routes setup to route over the IPSec tunnel interface.  If the router reboots, the Tunnel comes up with no issues.  If I do a show IP route, the static routes are not there.  Even though they are in the Show Run.  If I do a NO IP Route for each route and then do a IP Route to re-enable them, they then show back up in the IP Route table.  Has anyone else ever run into this?  This is also an IPSec tunnel to a non Cisco Router.  As long as the static routes are there, everything is great. 

DLC1921LTNTX3020#sh ip rout
Jun 22 21:54:33: %SYS-5-CONFIG_I: Configured from console by David on vty0 (192.168.205.100)e
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 70.122.240.1 to network 0.0.0.0

S*    0.0.0.0/0 [254/0] via 70.122.240.1
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
S        10.2.0.0/16 is directly connected, Tunnel161     <-----Not in Table after router Reboot
S        10.4.5.0/24 is directly connected, Tunnel161     <-----Not in Table after router Reboot 
S        10.5.5.0/24 is directly connected, Tunnel161     <-----Not in Table after router Reboot 
S        10.10.0.0/16 is directly connected, Tunnel161   <-----Not in Table after router Reboot 
      70.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        70.122.240.0/20 is directly connected, GigabitEthernet0/1
L        70.122.250.XX/32 is directly connected, GigabitEthernet0/1
      142.254.0.0/32 is subnetted, 1 subnets
S        142.254.130.2XX [254/0] via 70.122.240.1, GigabitEthernet0/1
S     192.168.0.0/16 is directly connected, Tunnel161     <-----Not in Table after router Reboot 
      192.168.205.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.205.0/24 is directly connected, GigabitEthernet0/0
L        192.168.205.252/32 is directly connected, GigabitEthernet0/0

ip dns server
ip nat inside source list 10 interface GigabitEthernet0/1 overload
ip nat inside source static tcp 192.168.205.6 22 interface GigabitEthernet0/1 9922
ip route 10.2.0.0 255.255.0.0 Tunnel161
ip route 10.4.5.0 255.255.255.0 Tunnel161
ip route 10.5.5.0 255.255.255.0 Tunnel161
ip route 10.10.0.0 255.255.0.0 Tunnel161
ip route 192.168.0.0 255.255.0.0 Tunnel161

2 Replies 2

johnlloyd_13
Level 9
Level 9

hi,

could you re-configure your static routes use the next hop IP instead?

i.e.

no ip route 10.2.0.0 255.255.0.0 Tunnel161

ip route 10.2.0.0 255.255.0.0 <NON CISCO TUNNEL IP>

Hi there,

Im not sure what you mean by that.  The next hop is Tunnel 161.  The Tunnel 161 is using 0 on each end. 

DLC1921LTNTX3020#sh int tun 161
Tunnel161 is up, line protocol is up
  Hardware is Tunnel
  Description: IPSec VPN G001dCO
  Interface is unnumbered. Using address of GigabitEthernet0/1.151 (0.0.0.0)
  MTU 17878 bytes, BW 10240 Kbit/sec, DLY 50000 usec,
     reliability 255/255, txload 1/255, rxload 1/255