Cisco Bug: CSCur12232 - Unable to remove redundant /32 route created per RRI
Aug 31, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: For an L2L VPN tunnel between ASA and SonicWall, the crypto ACL mentions 10.101.139.0 255.255.255.0 as the remote subnet and 'set reverse-route' is configured, due to which we observe the route below as expected: S 10.101.139.0 255.255.255.0 [1/0] via x.x.x.x, outside However, the we noticed the following in the syslog: %ASA-4-409007: Found LSA with the same host bit set but using different mask Existing: LSA ID 10.101.139.0 255.255.255.0 New: Destination 10.101.139.0 255.255.255.255 Due to which, the routing table shows: S 10.101.139.0 255.255.255.0 [1/0] via x.x.x.x, outside S 10.101.139.0 255.255.255.255 [1/0] via x.x.x.x, outside .... << this is the redundant one >> We are unable to remove/ delete this redundant route. Conditions: At this time we are not sure of the condition under which the redundant route got populated. However, comparing with lab repro, this might have got added due to an incorrect route propagated to the ASA because of some misconfiguration at peer end.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases