Symptom

When a default static route is configured with any interface's subnet gateway other than Gig 0, then the network connectivity to ISE is lost as it causes asymmetric routing with traffic received on gig 0 leaving out of Gig 1. This can seen with tcpdump on the command line interface of the ISE (accessed through console). Sample configuration : ! interface GigabitEthernet 0 ip address IP_and_Subnet_of_Gig_0 ipv6 address autoconfig ipv6 enable ! interface GigabitEthernet 1 ip address IP_and_Subnet_of_Gig_1 ipv6 address autoconfig ipv6 enable ! ip default-gateway IP_of_Gig_0's_gateway ! ip route 0.0.0.0 0.0.0.0 gateway IP_of_Gig_1's_gateway !

Conditions

1. ISE 3.0 and above AND 2. Static default route configured with gateway of an interface other than Gig0.

Workaround

Workaround 1: ============================ Delete the static default route and add it again Workaround 2: ============================ Shutdown the interface for which a static default route was configured and bring it back up. Note that these above workarounds are not reload persistent. Issue will come back post a reload and the workaround needs to be applied again. Workaround 3: ============================ Delete the static default route via interface other than G0 and add specific static routes to required reachable resources via same interface

Further Problem Description