|
|
 FAQ
 Search
 Memberlist
 Usergroups
 Register
 Profile
 Private messages
 Log in
|
|
| Author |
Message |
Tilman Schmidt
Guest
|
 Posted: Wed Jul 04, 2007 5:30 am Post subject: PIX says "no route" even though there is |
 |
|
In a fully meshed VPN of several PIXen, I see log messages like this:
%PIX-6-110001: No route to 10.1.212.254 from 10.1.213.251
with a disquieting frequency, but of course always when I'm not in the
office. The network uses static routing exclusively, and by the time I
log in to the PIX in question "show route" invariably shows the route
is there as it should. Nor do I see any correlation with other log
messages such as the occasional bursts of "%PIX-7-702205: ISAKMP Phase
2 retransmission" probably caused by line problems.
What might lead a PIX to temporarily deny the existence of a static
route, and how can I diagnose that?
TIA
--
Please excuse my bad English/German/French/Greek/Cantonese/Klingon/... |
|
| Back to top |
|
 |
|
|
Walter Roberson
Guest
|
| Posted: Wed Jul 04, 2007 7:02 am Post subject: Re: PIX says "no route" even though there is |
|
|
Tilman Schmidt wrote:
| Quote: | In a fully meshed VPN of several PIXen, I see log messages like this:
%PIX-6-110001: No route to 10.1.212.254 from 10.1.213.251
The network uses static routing exclusively,
What might lead a PIX to temporarily deny the existence of a static
route,
|
If the packet arrives on the wrong interface. PIX 6 doesn't allow
routing of a packet back to the same interface it came from, no matter
what the static routes say.
Turning on reverse path verification might perhaps help track the
problem. |
|
| Back to top |
|
|
|
|
