Routing issues between two Interfaces

Unanswered Question
Sep 13th, 2007
User Badges:

boot-start-marker

boot-end-marker

!

memory-size iomem 25

clock timezone gmt +2

no aaa new-model

ip subnet-zero

!

!

!

!

ip flow-cache timeout active 1

ip cef

!

!

!

!

!

!

!

username admin privilege 15 secret xxxxxxxxxxxxxxxxxxxxxxxxxxxx

!

!

interface Loopback0

!

interface Ethernet0/0

descritption Link to Sat

bandwidth 512

ip address 86.x.x.62 255.255.255.252

ip nat outside

ip flow ingress

load-interval 30

half-duplex

priority-group 1

!

interface FastEthernet0/0

description Local LAN

bandwidth 512

ip address 192.168.16.1 255.255.255.0

ip nat inside

speed auto

!

interface Ethernet1/0

description Link to iConnect

ip address dhcp client-id Ethernet1/0

ip nat outside

ip flow ingress

load-interval 30

shutdown

half-duplex

!

ip nat inside source route-map NAT_ICON interface Ethernet1/0 overload

ip nat inside source route-map NAT_SAT interface Ethernet0/0 overload

ip nat inside source static tcp 192.168.16.10 1723 interface Ethernet0/0 1723

ip nat inside source static tcp 192.168.16.10 443 interface Ethernet0/0 443

ip nat inside source static tcp 192.168.16.10 25 interface Ethernet0/0 25

ip nat inside source static tcp 192.168.16.10 80 interface Ethernet0/0 80

ip nat inside source static tcp 192.168.16.10 21 interface Ethernet0/0 21

ip nat inside source static tcp 192.168.16.10 110 interface Ethernet0/0 110

ip nat inside source static tcp 192.168.16.10 110 41.222.18.208 110 route-map NAT_ICON extendable

ip nat inside source static tcp 192.168.16.10 25 41.222.18.208 25 route-map NAT_ICON extendable

ip nat inside source static tcp 192.168.16.10 1723 41.222.18.208 1723 route-map NAT_ICON extendable

!

ip classless

ip route 0.0.0.0 0.0.0.0 86.62.13.61

ip route 193.220.223.241 255.255.255.255 86.62.13.61 permanent

ip route 196.12.15.191 255.255.255.255 Ethernet1/0 41.222.18.254

no ip http server

ip flow-export version 5

ip flow-export destination 192.168.16.10 9996

!

!

priority-list 1 protocol ip low tcp smtp

priority-list 1 default high

!

route-map NAT_ICON permit 10

match interface Ethernet 1/0

!

route-map NAT_SAT permit 10

match interface Ethernet 0/0

!

!

!

!

line con 0

login local

line aux 0

line vty 0 4

local local

!

end



Looking at the configuration above what should I do to allow all traffic to go through e0/0. Note that e1/0 interface is deliberate shutdown cause the moment it is up internet traffic gets routed through it.


What I am missing out mates?


Thanks in advance,



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
csco11014562 Fri, 09/14/2007 - 00:37
User Badges:

Thanks for your response. How do you mean exactly? Do you mean route-map NAT_SAT should come first and then NAT_ICON


Please elaborate if I am missing your point.


Thanks in advance,



paul.matthews Fri, 09/14/2007 - 00:35
User Badges:
  • Silver, 250 points or more

I note that address is DHCP - does the DHCP server allocate a default route as well? a sh ip route with the interface up would be interesting to see.


Ideally you could try manually setting the address, but I accept that may not be possible.


You could also try:


interface Ethernet1/0

description Link to iConnect

no ip dhcp client request static-route

no ip dhcp client request router

ip address dhcp client-id Ethernet1/0


to see if you can make the request reject those options, but I have never tried that...


Another option might be to use Policy Based Routing to simply force all traffic that way, but beware as PBR does not andle re-routing very well!


Please rate all useful posts.

Pavel Bykov Fri, 09/14/2007 - 00:48
User Badges:
  • Silver, 250 points or more

What does "show ip route" say when both interfaces are up?

Actions

This Discussion