Nat over two WAN link

Unanswered Question
Apr 23rd, 2009
User Badges:

Hi all,

I have an issue trying to nat over two links. Currently I can only get it to work over one. I have static routes and I need to have it over both so that if one link is down we use the other link, link an automatic failover.

Below is my current config.

interface FastEthernet0

ip address

ip nat outside

ip virtual-reassembly

duplex auto

speed auto


interface FastEthernet1

ip address

ip nat outside

ip virtual-reassembly

speed 10



interface Vlan1

ip address

ip access-group Control in

ip nat inside

ip virtual-reassembly


interface Async1

no ip address

encapsulation slip


ip route 151

ip route 152



no ip http server

no ip http secure-server

ip nat inside source static interface FastEthernet0


ip access-list extended Control

permit ip any

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Sureshdank Thu, 04/23/2009 - 02:09
User Badges:


Are these Internet links or Interoffice leased lines.

If they are Internet links you can ask your service provider to route the public segment towards both the links at his end. So what happens when reverse packet comes to the ISP end it will find the route towards tow interfaces if any of them is down it will go to the secondary link. Auto load balancing will take place.

Please rate if helpfull.


Suresh Kumar

zenon_electronics Thu, 04/23/2009 - 06:52
User Badges:


you have to use the "extendable" command at the end of the NAT rule, for example:

ip nat inside source static x.x.x.x extendable

ip nat inside source static y.y.y.y extendable

where x.x.x.x and y.y.y.y are the ip addresses of your interfaces fa0 and fa1.

Make sure you use the IP address not "interdace fastEthernet" command.

Good luck and regards!

gbenga.shobowale Fri, 04/24/2009 - 00:27
User Badges:

Thanks but this did not give my desired result as nat now works on one interface but not the other.

I am hoping that the best of both worlds.. I will post another configuration I am trying soon.. just hoping it works

gbenga.shobowale Sat, 04/25/2009 - 07:39
User Badges:

ip sla 1


ip sla schedule 1 life forever start-time now



track 123 rtr 1 reachability


I tried this to monitor if the link is down.. but for some strange reason putting this on the routing table it says the link is down...

I had to remove it and having the

ip nat inside source static extendable

ip nat inside source static yyy.yyy.yyy.1 extendable

Solved the problem

thanks guys ... but really the problem is with the statement when i ping the gw (within the router) it timeout even though I am on the net. I can ping from a workstation.. just wondering ...


This Discussion