SOC_Reply
New Member
March 5, 2013
Question

Static routing entry missing from routing table

Hello, has anyone of you bumped into a situation like this:
- added one static entry on the "static route" entry on VDOM root
- destination interface is an IPSec tunnel

So, if you issue "get router info routing-table all" on the CLI, the above-mentioned static entry does not appear. The device is a Fortigate 620b with a 4.0 MR2 release. Thanks in advance for any help provided.


    emnoc
    New Member
    March 5, 2013
    Is that IPsec tunnel up? I think if the tunnel is down, the route would be squashed.
    SOC_Reply (Author)
    New Member
    March 5, 2013
    Yes, the tunnel is up and some other traffic is passing into it.
    rwpatterson
    New Member
    March 5, 2013
    You will only see a route if the tunnel was created in interface mode. Policy mode tunnels use other methods for routing. (Smoke and mirrors is my guess....)
    ede_pfau
    SuperUser
    March 6, 2013
    Strange that you see "some other traffic passing into it". Either you need a route to pass traffic, or the route is not in the routing table and traffic does not pass? Please give more information about the intended traffic and the route(s) you've configured. And the matching Quick Mode selectors in phase2.
    SOC_Reply (Author)
    New Member
    March 6, 2013
    The context is more complex than I told; the Fortigate 620b acts as a VPN concentrator for many IPSec L2L VPNs. The above-mentioned VPN was previously configured and is working fine for 3 other networks that are located on the remote end of the VPN. All three networks are each addressed with a static route having the tunnel interface as destination. Now, we added a new network on the remote end and thus a new static route on the VPN concentrator. Note that the first 3 static routes and the new one are not consecutive and I have almost 140 static routes configured on the VPN concentrator. Quick mode selectors are 0.0.0.0/0.0.0.0 for both source and destination. Thanks again.
    SOC_Reply (Author)
    New Member
    March 15, 2013
    Hi all, just to close the topic...a reboot solved the problem...