Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4283
Views
0
Helpful
6
Replies

problem with ASA redistributing VPN statics

jack.leung
Level 1
Level 1

‎01-28-2011 07:38 AM - edited ‎03-06-2019 03:15 PM

Hi all,

I'm trying to redistribute the statics the ASA injects using reverse-routing and its not doing it. It will redistribute static routes I add in there but not the ones injected via RRI. Here is the config I am using.

ip local pool VPNPool172.20.11.129-172.20.11.254 mask 255.255.255.128

!

access-list STATIC-ACL standard permit 172.20.11.128 255.255.255.128
!
!
route-map STATIC-RM permit 10
match ip address STATIC-ACL
!
!
router eigrp 1
  redistribute static route-map STATIC-RM
!
crypto map outside_map 30 match address outside_1_cryptomap_1
crypto map outside_map 30 set reverse-route

doing a show access-list STATIC-ACL shows no hits. If I add a static route manually myself it redistributes fine. Am I missing something here? The ASA I have is a 5510 running 8.2.1

1 person had this problem
Labels:
0 Helpful
6 Replies 6

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎01-28-2011 12:01 PM

Hi,

You're saying that if you manually configure a static route on the ASA, it gets redistributed via EIGRP to the inside?


When you do a ''sh route'' on the ASA do you see the static VPN routes?

Federico.

0 Helpful

jack.leung
Level 1
Level 1
In response to Federico Coto Fajardo

‎01-28-2011 12:05 PM

HI Federico,

Correct I am trying to redistribute the statics on the ASA into EIGRP. And yes I do see the static routes on the ASA (even the VPN ones). However only the statics I manually configure are redistributed. The ones that are injected from RRI does not.

0 Helpful

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎01-28-2011 12:10 PM

As a test what if you redistribute without a route-map...

Instead of:


router eigrp 1
  redistribute static route-map STATIC-RM

Have:

router eigrp 1
  redistribute static

Does it make any difference?

Federico.

0 Helpful

jack.leung
Level 1
Level 1
In response to Federico Coto Fajardo

‎01-28-2011 12:12 PM

Yes, the first thing I tried and no difference.

0 Helpful

Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to jack.leung

‎01-28-2011 12:39 PM

Funny thing is that the documentation talks about RIP and OSPF but not EIGRP:

Reverse Route Injection (RRI) is used to populate  the routing table of an internal router that runs Open Shortest Path  First (OSPF) protocol or Routing Information Protocol (RIP) for remote  VPN Clients or LAN²LAN sessions.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809d07de.shtml

I am sure it should work for EIGRP also (version 8.x)....

Federico.

0 Helpful

richardburford
Level 1
Level 1
In response to Federico Coto Fajardo

‎03-11-2011 02:48 PM

I have found exactly the same issue today on version 8.2 code.  We can redistribute configured static routes into EIGRP without issue.  The RRI static routes however will not redistribute correctly regardless of the method of redistribution.

I have checked the bug database and cannot locate a matching entry.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card