01-20-2008 05:44 PM - edited 03-03-2019 08:20 PM
Dear All,
Please advices me!!!
Now my system used fail over with ISPA and ISP 2, and use the router 1841 with module hwic-4fe.ISP1 is Primary and ISP2 is Backup.i have the problem: when ISP1 down ( i mean ISP has the problem but on router int F0/1 still up).So my client cannot access Internet. By the way when i take out ISP1 from Router it switch to ISP2.
Please see in the attach file.
Best Regards,
Join
01-20-2008 07:28 PM
Join, you should be able to build a config implementing object tracking.
See section example "Using Object Tracking feature using static routing for a multipoint primary gateway" when both primary and secondary ISP links are through FE interfaces.
Rgds
Jorge
01-20-2008 08:10 PM
Dear Jorge,
thank you for you help,
could you give some configuration for me or you can edit on last my attach file.
Note: ISP1 and ISP2 i use static ip.
Best Regards,
Join
01-20-2008 09:00 PM
First you need to know if you code supports object tracking feature.
Taken from your same config you could try this.
interface FastEthernet0/0
description LAN Interface
ip address 192.168.0.99 255.255.255.0
ip nat inside
speed auto
full-duplex
!
interface FastEthernet0/1
description WAN interface to ISP1 (Active)
ip address 10.150.10.39 255.255.0.0
ip nat outside
speed 10
full-duplex
interface Vlan1
description WAN interface to ISP2 (Backup)
ip address 192.168.1.2 255.255.255.0
ip nat outside
ip sla monitor 1
type echo protocol ipIcmpEcho 10.150.1.3
frequency 5
ip sla monitor schedule 1 life forever start-time now
track 1 rtr 1 reachability
ip nat inside source route-map NAT-ISP1 interface FastEthernet0/1 overload
ip nat inside source route-map NAT-ISP2 interface Vlan1 overload
ip route 0.0.0.0 0.0.0.0 10.150.1.3 track 1
ip route 0.0.0.0 0.0.0.0 192.168.1.1 5
access-list 99 permit 192.168.0.0 0.0.0.255
route-map NAT-ISP1 permit 10
match ip address 99
set ip next-hop verify-availability 10.150.1.3 track 1
route-map NAT-ISP2 permit 10
match ip address 99
set ip next-hop 192.168.1.1
01-20-2008 10:25 PM
dear jorge,
Thank you.
i will try again and let you know when it done.
Best Regards,
Join
01-22-2008 04:13 AM
Dear All and jorge,
i come agian,
i has some problem,So when the ISP1 has the problem,then the ISP2 is up but my client cannot access Internet.By the way when i traceroute from router 1841, so packet throught out to ISP2.
Could you help me, what's going on?
Best Regards,
Join
01-22-2008 05:51 AM
when ISP1 is off and ISP2 up and clients try accessing internet through ISP2 can you record and post the output of "show ip nat translations"
Rgds
Jorge
01-22-2008 12:17 PM
Join, you may need to configure rate limiting nat translations, once your ISP1 is down nat translations are probably still bound to ISP1. When you have a chance to do the failover test again please note "show ip nat translation " just for the record.
You may want to add these in your config
ip nat translation timeout 2
ip nat translation icmp-timeout 2
ip nat translation tcp-timeout 2
ip nat translation udp-timeout 2
see ip nat translation (timeout)
Post results when you can.
Rgds
Jorge
01-22-2008 06:46 PM
01-23-2008 05:42 PM
Dear Jorge and all,
Do you have any idea on this case?
Please help me to solve this issue!!!!
When the ISP 1 down, the ISP 2 still up, but my client cannot access Internet.and i try to ping from router to other public IP is ok,( during ISP1 down.
Best Regards,
Join
01-23-2008 07:53 PM
Join, what is the default gateway for the clients machines, is it point to 192.168.0.99? please confirm this.. , can you run debug ip nat at the router while trying to ping something on the outside and post output of debug.
Rgds
Jorge
01-23-2008 08:35 PM
01-23-2008 08:41 PM
Sorry ,
in the attach file number 2 is wrong the name:
2,When ISP1 down and ISP2 up.txt
all my client you 192.168.0.99 is gateway.
01-23-2008 09:48 PM
change these statements bellow keeping the rest of the config the same.
ip sla monitor 1
icmp-echo 192.168.168.1
frequency 5
ip sla schedule 1 life forever start-time now
and add oer at end of overload, if not available you will need to upgrade to code
that supports oer feature.
ip nat inside source route-map NAT-ISP1 interface FastEthernet0/1 overload oer
ip nat inside source route-map NAT-ISP2 interface Vlan1 overload oer
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml
01-23-2008 10:59 PM
Dear Jorge,
command that you gave me has some error.
my router support this command:
Router(config-sla-monitor)#type ?
dhcp DHCP Operation
dns DNS Query Operation
echo Echo Operation
frame-relay Perform frame relay operation
ftp FTP Operation
http HTTP Operation
jitter Jitter Operation
pathEcho Path Discovered Echo Operation
pathJitter Path Discovered Jitter Operation
slm SLM Operation
tcpConnect TCP Connect Operation
udpEcho UDP Echo Operation
voip Voice Over IP measurement
This is flash in my router
Router(config)#do sho fla
-#- --length-- -----date/time------ path
1 660 Dec 25 2007 06:57:46 +00:00 vlan.dat
2 1821 Sep 13 2007 08:08:52 +00:00 sdmconfig-18xx.cfg
3 861696 Sep 13 2007 08:09:14 +00:00 es.tar
4 1164288 Sep 13 2007 08:09:36 +00:00 common.tar
5 1038 Sep 13 2007 08:09:54 +00:00 home.shtml
6 113152 Sep 13 2007 08:10:12 +00:00 home.tar
7 18859836 Dec 07 2007 10:06:22 +00:00 c1841-advsecurityk9-mz.124-2.T1.bin
10911744 bytes available (21020672 bytes used)
Router(config)#
----------
all command that you gave me i cannot confige on router
Best Regards,
Join
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide