09-08-2010 10:09 PM - edited 03-04-2019 09:42 AM
I have made configuration for 2 ISP.
Unfortunately NAT do not want to switch automatically from inactive to active route.
Any suggestions:
My config:
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
description WAN2
switchport access vlan 2
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$$ETH-WAN$
ip address 10.14.62.83 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.9.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
ip address 192.168.11.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.14.62.81
ip route 0.0.0.0 0.0.0.0 192.168.11.1 2
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source route-map ISP1 interface FastEthernet4 overload
ip nat inside source route-map ISP2 interface Vlan2 overload
!
logging trap debugging
access-list 101 permit ip 192.168.9.0 0.0.0.255 any
access-list 102 permit ip 192.168.9.0 0.0.0.255 any
no cdp run
!
!
!
route-map ISP2 permit 10
match ip address 102
set ip next-hop 192.168.11.1
!
route-map ISP1 permit 10
match ip address 101
set ip next-hop 10.14.62.81
09-09-2010 01:30 AM
Hello Pwolza,
try to match the outgoing interface in order to have second route-map to kick in
match interface fas4
match interface vlan2
in second route-map
Hope to help
Giuseppe
09-09-2010 05:08 AM
Well with a litle of your help I made some corrections to the configuration and now it working
ip nat inside source route-map ISP1 interface FastEthernet4 overload
ip nat inside source route-map ISP2 interface Vlan2 overload
!
logging trap debugging
no cdp run
!
!
!
route-map ISP2 permit 11
match interface Vlan2
set ip next-hop 192.168.11.1
!
route-map ISP1 permit 10
match interface FastEthernet4
continue 11
set ip next-hop 10.14.62.81
09-10-2010 08:01 AM
Hello Pwolza,
I'm happy it is working now I had little time so I had given you just an hint and you have been good to take it.
Note:
these are actually two different route-maps (they have different names) and not two blocks of the same route-map.
So the continue 11 does not provide a reference to the other route-map but to block 11 in route-map ISP1.
My guess is that without the continue 11 line the behaviour should not change as the meaning of match interface should be "match the outgoing interface to be used to send traffic".
Hope to help
Giuseppe
09-12-2010 11:18 PM
Yes, indeed it is working without continue 11.
Thanks for suggestion.
09-16-2010 11:05 PM
Now everything works fine.
Unfortunately the automatically switching of the ISP only works when I will put off the plug from the cisco socket.
When the signal goes down from ISP router, CISCO do not want to push the traffic into backup ISP.
Tracert gives me information of the destination IP for example cisco.com but without addresses of hoops.
What to do now ??
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: