Thanks for your reply. The

raymond wang · ‎08-21-2015

I have configured two site to site vpn on the two routers. The core switch is connected to vpn router. To avoid configure lots of static route I configured the reverse route on both sides. From the test It looks like i need to configure some staic route or default route on core switch or route the traffic to the vpn router and then it will trigger the rri works. With out those static or default route, it looks like the RRI did not inject the route into the core switch.

i have eigrp configured between the router/switches. the problem is i do not want the default route to point to the vpn route at all. If I configure the static route, then why i need the rri..

So my question is how to let the RRI works once it is configured. If it works right away the core switch will receive the route and do not need to configure the static route at all

Thanks

rizwanr74 · ‎08-23-2015

Hi Raymond,

You need to have default-route (0.0.0.0 0.0.0.0), or default-network or default-gatway configured on the switch to push the traffic towards the vpn-routers.

thanks

raymond wang · ‎08-24-2015

Thanks for your reply. The default route should not go to vpn router, otherwise any traffic to the internet has to go to the vpn router-http etc.

From my lab test it looks like with "reverse route static" will create the static route on the vpn router permanatlly and then redistribute into the eigrp.ospf. By this way the core switch will receive the customer subnet route to point to the vpn router then.

I think I can configure this way.

rizwanr74 · ‎08-24-2015

Hi Raymond,

IP routing should be enabled and static routes should be redistributed if dynamic routing protocols are to be used to propagate RRI-generated static routes.

Do you have this configured on your vpn-router?

reverse-route static

site to site reverse route inject issue