Showing content with the highest reputation on 03/18/2018 in all areas

  1. Kind of hard to believe this thread is from 2016. But just to share about ip routes. On old PIX devices (at least) to remove a route, you need to type no ip route with the network, subnet and destination you are removing. So in this case, ssh to your device and be like:

         en
         *enter password again*
         conf
         *press enter for terminal*
         no ip route 192.168.1.0 255.255.255.0 192.168.1.10

     * Presuming you had a route added for an internal network of 192.168.1.0 on a /24, routing to a .10 device, the no prefix will let you remove it. *

         exit
         write mem

     The Exit takes you out of conf mode, so you can then write those changes to device memory.

     If you find yourself managing older ASA Cisco devices, I really suggest using the ASDM software. It runs off Java and is really picky with versions and self-signed certificates, so have a dedicated machine / VM for configuring with the ASDM software. If you want to see how a network is configured the ASDM is a nice means to survey it. Also of help when you are checking VPN tunnels to see what are active and moot.

     One of the bigger benefits I got from using the ASDM is seeing if a VPN group is disabled, it will take down ALL tunnels in that group. So I took to making various groups to manage active and inactive tunnels. I had some CLI cowfolks making group changes and dropping all tunnels in one fell swoop, thus came my change for multiple groups to better define what purpose a tunnel is serving.
    1 point