04-23-2008 09:13 AM - edited 03-03-2019 09:40 PM
Hello,
I am trying to set up bonded T1 to failover to DSL. Below is my set up.
An ASA 5505 is connected to inside network and also conencts to f0/0 on a 2811. 2811 has dual T1 cord with two T1 bonded using MLPPP. Multilink interface is my promary route ti Internet.
2811's F 0/1 is conencted to a DSL router. When I shut down multilink, trying to get to 4.2.2.2 works fine from 2811 as does a number of other IP address I tried (ping and trace-route). With multilink down, sourcing pings to 4.2.2.2 from router works. However, when a user from LAN tries to connect to Internet, it fails.
There is an internal DNS server they use.
What could be problem?
Thanks for suggestions in advance.
Solved! Go to Solution.
04-24-2008 10:07 AM
Paresh
If I am understanding correctly what you say then yes it does make sense.
HTH
Rick
04-23-2008 09:25 AM
Paresh
Based on your description of the symptoms I would guess that the traffic coming out of the ASA has been translated to an address that is associated with the T1/multilink. When you take that link down and send traffic over the DSL you can send it out ok. But I would guess that responses are attempting to come back over the T1/multilink since that is where the source address belongs logically.
My guess is that to fix it you will need to configure address translation so that any traffic that is sent over the DSL gets translated to an address that is associated with the DSL.
HTH
Rick
04-24-2008 08:58 AM
Hi Rick,
Thanks for your response.
Router does not do any translation. All inside addresses are translated to ASA's outside. I also turned off NAT on DSL router so there would not be any double-NAT issues. I just worked with customer and replaced T1 as static route with route to DSL as new static. From router, I was again able to ping 4.2.2.2 but not from a laptop directly connected to Cisco.
Thank you.
04-24-2008 09:18 AM
Paresh
I can not tell whether you agree with my theory of the problem or not. It seems to me that the ASA is translating addresses with an address (or an address pool) that is associated with the multilink. When you stop the multilink and send traffic out the DSL the translated address is no longer the correct address to use.
Perhaps it would help to clarify the issue if you would tell us what address space is used on the multilink, what address space is used on the ASA (and what addresses are used for translation) and what address space is used on the DSL.
HTH
Rick
04-24-2008 09:27 AM
Hi Rick,
I should have mentined...I initially did not agree with you. BUT, I see your point. The IP Address ASA uses for translation is 38.103.117.2 (overload) which is associated with Multilink pool. IP Addresses on the link between Cisco and DSL is also from Multilink pool as well. So to resolve this, I should use IP addresses from DSL pool on link between Cisco and DSL router and perform NAT on Cisco.
Does that make sense?
Thanks for your help.
04-24-2008 10:07 AM
Paresh
If I am understanding correctly what you say then yes it does make sense.
HTH
Rick
05-21-2008 09:59 AM
Hello Rick,
I was finally able to coordinate and make changes last night. You were correct. After implementing NAT appropriately, it started working as expected.
THANK YOU,
Paresh.
05-21-2008 10:09 AM
Paresh
I am glad that my suggestions were able to help you to resolve your issue. Thank you for using the rating system to indicate that your issue was resolved (and thanks for the rating). It makes the forum more useful when people can read an issue and can know that there was a response which did resolve the issue.
The forum is an excellent place to learn Cisco networking. I encourage you to continue your participation in the forum.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide