Showing results for 
Search instead for 
Did you mean: 

site to site reverse route inject issue

raymond wang

I have configured two site to site vpn on the two routers. The core switch is connected to vpn router. To avoid configure lots of static route I configured the reverse route on both sides. From the test It looks like i need to configure some staic route or default route on core switch or route the traffic to the vpn router and then it will trigger the rri works. With out those static or default route, it looks like the RRI did not inject the route into the core switch.

i have eigrp configured between the router/switches. the problem is i do not want the default route to point to the vpn route at all. If I configure the static route, then why i need the rri..

So my question is how to let the RRI works once it is configured. If it works right away the core switch will receive the route and do not need to configure the static route at all




Rising star
Rising star

Hi Raymond,


You need to have default-route (, or default-network or default-gatway configured on the switch to push the traffic towards the vpn-routers.



Thanks for your reply. The default route should not go to vpn router, otherwise any traffic to the internet has to go to the vpn  router-http etc.

From my lab test it looks like with "reverse route static" will create the static route on the vpn router permanatlly and then redistribute into the eigrp.ospf. By this way the core switch will receive the customer subnet route to point to the vpn router then.


I think I can configure this way.

Hi Raymond,


IP routing should be enabled and static routes should be redistributed if dynamic routing protocols are to be used to propagate RRI-generated static routes.


Do you have this configured on your vpn-router?


 reverse-route static




Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: