E R R O R: Cannot remove connected route
ERROR: Cannot remove connected route
firewall-asa(config)#
The above error is caused when you try to route a directly connected interface to another subnet. In order to remove this route, you need to shutown the interface, then remove the route.
For example, if you have 172.16.0.0/24 assigned to your INSIDE interface, and 192.168.0.0/24 routed to an IP within 172.16.0.0, and you want to move 192.168.0.0/24 to a dedicated segment on the FW (say DMZ), you will run into this problem. You need to shutdown the INSIDE segment in order to remove the route.
firewall-asa(config)# interface Ethernet0/1
firewall-asa(config-subif)# shut
firewall-asa(config-subif)# exit
firewall-asa(config)#
firewall-asa(config)# no route INSIDE 192.168.0.0 255.255.255.0 172.16.0.5
firewall-asa(config)#
firewall-asa(config)# interface Ethernet0/1.100
firewall-asa(config-subif)# no shut
Problem solved.
No comments:
Post a Comment