ASA 5510 - Default Routing Issue

[Corsec]

I've currently got an ASA 5510 with two routers connected to it. We are trying to migrate the default routing traffic from the old to the new.

Router_New is currently routing all internal communications just fine across the site to site vpn.
Router_Old is still handling default traffic (0.0.0.0 0.0.0.0).

When trying to push internet traffic across the Router_New interface, I'm getting the following log entry:

Routing failed to locate next hop for icmp from NP Identity Ifc

Has anyone seen anything similar to that behavior before? Where a site-to-site VPN is able to handle internal traffic but not default routing?

Our vendor is stating the routers on their end are configured properly for default routing to cross over, but I'm not so sure.

 

[unclerico]

post your scrubbed config of the ASA as well as your crypto acl's on the routers and ip address information of both old and new.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[hairlessupportmonkey]

few things.

Select Management interface - Inside
Create an ICMP inpect MAP
ensure your ICMP rule is on the right interface

ACSS - SME
General Geek

 

[Corsec]

So found out the issue was two fold.

Initially the problem with the default route and the next hop was it was only being used in a test environment before lowering the metric to make it a primary.

Once I did that, the traffic was going out the proper interface as it should and it was just failing to return.

The second problem was the ASA on our datacenter end (which is managed by a third party company) didn't have the proper access-list configurations.

It's fixed now. Thank you for the help though!