cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2019
Views
0
Helpful
6
Replies

cisco isr 819 cellular interface...

swclark
Level 1
Level 1

my cisco isr 819 constantly cycles between the gigabyte interface and the cellular...? _i have the device configured for auto failover with the gigabyte interface being the primary and the cellular as backup. _i used Cisco Configuration Pro to configure the router. _i have attached the router config for expert evaluation.....thanks in advance.

1 Accepted Solution

Accepted Solutions

Cinthia Martinez
Cisco Employee
Cisco Employee

Hi,

 

In this case, it is likely the issue is caused by the NAT translations. After reviewing your configuration, I suggest adding an EEM script to clear the IP NAT translations once the primary route goes down. Here you have the EEM script suggested:

 

event manager applet IP_NAT

event track 1 state any

action 1.0 cli command "enable"

action 2.0 cli command "clear ip nat translation *"

!

 

 

 

 

View solution in original post

6 Replies 6

Cinthia Martinez
Cisco Employee
Cisco Employee

Hi,

 

In this case, it is likely the issue is caused by the NAT translations. After reviewing your configuration, I suggest adding an EEM script to clear the IP NAT translations once the primary route goes down. Here you have the EEM script suggested:

 

event manager applet IP_NAT

event track 1 state any

action 1.0 cli command "enable"

action 2.0 cli command "clear ip nat translation *"

!

 

 

 

 

Yes you are correct Cinthia, it is the NAT and depending on which external interface i configure first with NAT, that's the only interface providing NAT to out going packets.

What i hope to achieve with my C819HG ISR router is provide the G0 interface as primary internet access. If that access goes down i want the Cellular0 interface to come up and provide a path to the internet. When the G0 access is restored i want the Cellular0 interface to go back to standby.   

here is my config.....

! Last configuration change at 14:30:15 Chicago Thu Feb 19 2015 by ADMIN
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname rtr-cisco
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
no aaa new-model
clock timezone Chicago -6 0
clock summer-time Chicago date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-3083563774
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3083563774
 revocation-check none
 rsakeypair TP-self-signed-3083563774
!
crypto pki certificate chain TP-self-signed-3083563774
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33303833 35363337 3734301E 170D3135 30323133 32313035
  35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30383335
  36333737 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100AB4C 2DA1C3C3 CABBB054 765A1E14 A7BA0347 AFFD1913 B04113DD A21D7CEB
  F09F6572 5BF58323 586BEF24 929003D4 4CAD8864 A00FF40A A59A9969 C12615A0
  1DFE5527 BA6E2C27 33F75615 A36DA242 42862F33 D2823AA3 B838AA3B C938930A
  6D48BD79 11BD9CF5 8B7BEBC8 8C6D9D34 6E5415EB A3CFF3C7 E48F20C4 B18B15FE
  38BD0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 14B5AEAA D7E9FEF2 3A4FF79D 4251425F EF9F28DC 61301D06
  03551D0E 04160414 B5AEAAD7 E9FEF23A 4FF79D42 51425FEF 9F28DC61 300D0609
  2A864886 F70D0101 05050003 81810039 C6D2590C 0741F53E 62E6E7CE 62534CF9
  3A8A6C79 BECBACD7 AF73FA4C 8ED5C059 58A7B08C FBCE2ED0 66196250 20C570AC
  8D802A6B 5E33FFD7 580BBC4C 7C442C42 0F77E3FD F465B724 69D29CFF 19F59635
  D55A9E71 290CE668 B2C74CA1 ED641A2E 714BC06F 17CE9E44 B998945A C1733318
  BFDA96CD 9D66ACA7 B1D79229 8A1322
        quit
!
ip dhcp excluded-address 172.17.37.1 172.17.37.9
ip dhcp excluded-address 172.17.37.16 172.17.37.254
!
ip dhcp pool ciscoPool
 import all
 network 172.17.37.0 255.255.255.0
 dns-server 8.8.8.8 8.8.4.4
 default-router 172.17.37.1
!
ip domain name sr.nwris.noaa.gov
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
chat-script lte "" "AT!CALL1" TIMEOUT 20 "OK"
!
license udi pid C819HG-4G-V-K9 sn FTX181583HV
!
username ADMIN privilege 15 secret 4 wYSo2PORqoebHxp3dazS6tzNpgOc5RQBMmrsFZ5l6jE
!
controller Cellular 0
!
track 1 ip sla 1 reachability
!
ip ssh version 2
ip scp server enable
!
interface Cellular0
 ip address negotiated
 ip nat outside
 ip virtual-reassembly in
 encapsulation slip
 dialer in-band
 dialer string lte
 dialer-group 1
 async mode interactive
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface GigabitEthernet0
 description $ETH-WAN$
 ip address dhcp client-id GigabitEthernet0 hostname rtr-wxk37
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface Serial0
 no ip address
 shutdown
 clock rate 2000000
!
interface Vlan1
 ip address 172.17.37.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip local policy route-map track-primary-if
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list 1 interface Cellular0 overload
ip nat inside source list 2 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 track 1
ip route 0.0.0.0 0.0.0.0 Cellular0 253
!
ip sla auto discovery
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0
ip sla schedule 1 life forever start-time now
dialer-list 1 protocol ip permit
!
route-map track-primary-if permit 1
 match ip address 100
 set interface GigabitEthernet0
!
route-map source permit 10
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 172.17.37.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 172.17.37.0 0.0.0.255
access-list 100 remark CCP_ACL Category=0
access-list 100 permit icmp any host 8.8.8.8
!
control-plane
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
line con 0
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line 3
 script dialer lte
 modem InOut
 no exec
 transport input all
 rxspeed 100000000
 txspeed 50000000
line vty 0 4
 login local
 transport input ssh
!
scheduler allocate 20000 1000
ntp update-calendar
ntp server 24.56.178.140 source GigabitEthernet0
ntp server 129.6.15.28 prefer source GigabitEthernet0
ntp server 132.163.4.102 source Cellular0
!
end

Hi, 

 

Have you tried adding the EEM script suggested to clear the IP NAT translations when the primary goes DOWN? 

 

event manager applet IP_NAT

event track 1 state any

action 1.0 cli command "enable"

action 2.0 cli command "clear ip nat translation *"

yes, but it doesn't seem to help...still a NAT issue. My configuration is NAT'ing the out going Cell 0 WAN packets now. Then the router detects the Gig 0 WAN is restored and changes the route table to the Gig 0 WAN which disables Vlan1 host internet access. Then the Cell 0 WAN reconnects and the Vlan1 host have internet access. I'm using CCP to configure the NAT and something seems to be falling through the cracks.!  

cinthia, thank you very much for your input. _and it turns out your recommendation is part of my fix. _i opened a support ticket with cisco.com who held my hand and got me through this event. _i had about three different areas in my configuration that needed properly plugged with your recommendation being one of them. _i have attached my running-config for others that may benefit from it. _thanks again cinthia.

Hi,

 

Great!! I am glad to hear that the problem was resolved. Thanks for your feedback :). 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: