Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
515
Views
0
Helpful
4
Replies

2811 dual adsl

tiago.nunes
Level 1
Level 1

‎09-23-2008 01:42 AM - edited ‎03-03-2019 11:39 PM

Hi there.

The scenario is the one shown in the .doc

The ideia is to forward all the internet traffic through dialer 2 and the vpn traffic through dialer 3

How can I do that? I tried with route maps, but it didn't work. The route-maps are still shown in the router config, but they aren't applied to any interface

In attachement i send the scneario, and two config files

Thanks in advance

Labels:
19555-asa
19557-router
25 KB
0 Helpful
4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎09-23-2008 11:51 AM

Hello Tiago,

on the router 2811

have a preferred default route via dialer2 and a backup one via dialer3.

ip route 0.0.0.0 0.0.0.0 dialer2

ip route 0.0.0.0 0.0.0.0 dialer3 200

then you need to perform NAT using a route-map with two blocks

all IPSEC related traffic has to be mapped to dialer3

route-map selective-NAT permit 10

match ip address 121

route-map selective-NAT permit 20

match ip address 122

access-list 121 permit udp any any eq 500

access-list 121 permit udp any eq 500 any

access-list 121 permit ah any any

access-list 121 permit esp any any

! example let's suppose net 10/8 is to be NATTED

access-list 122 permit 10.0.0.0 0.255.255.255 any

see the following link

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml

Hope to help

Giuseppe

0 Helpful

tiago.nunes
Level 1
Level 1
In response to Giuseppe Larosa

‎09-24-2008 07:09 AM

Hi there!

There must be something missing.

I've tried your ideia, but as soon as i insert the default route to dialer 2, the vpn's stop working.

What is missing me? By the way, i applied the route maps to the fast ethernet (inside) interface of the router. Is this correct?

And also, i've added the match interface in the route-maps.

Is there anything missing me?

Thanks

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to tiago.nunes

‎09-24-2008 08:05 AM

Hello Tiago,

the route-maps are not to be applied at the interfaces but used by NAT

ip nat source inside route-map x ....

see in the document in the link in my first post

Hope to help

Giuseppe

0 Helpful

tiago.nunes
Level 1
Level 1
In response to Giuseppe Larosa

‎09-24-2008 08:16 AM

oh, ok.

But what will be the rest of the ip nat inside command? I will nat it to dialer 2 or dialer 3? with or without overload?

which of these will work?

ip nat inside source route-map x interface dialer 2

ip nat inside source route-map x interface dialer 2 overload

ip nat inside source route-map x interface dialer 3

ip nat inside source route-map x interface dialer 3 overload

???

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card