Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Need help with cisco 1811 dual wan port forward config

I'm trying to configure cisco 1811 with dual isp internet connections. Everything is working fine till i get to setting up port forwards.

The port forwards for 2nd ISP do not work while connection to 1st isp is active. If if shutdown the connection to isp1 the port forwards work fine.

here's relevant section of the config

[CODE]

track 123 ip sla 1 reachability

delay down 15 up 10

!

track 456 ip sla 2 reachability

delay down 15 up 10

!

!

!

interface FastEthernet0

description COMCAST WAN

ip address 50.78.x.x 255.255.255.240

ip nat outside

ip virtual-reassembly in

shutdown

duplex auto

speed auto

no cdp enable

!

interface FastEthernet1

description ATT DSL

no ip address

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

no cdp enable

!

interface Vlan1

description LAN

ip address 192.168.20.51 255.255.0.0

ip nat inside

ip virtual-reassembly in

!

interface Dialer0

ip address negotiated

ip mtu 1452

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication pap callin

ppp pap sent-username ****t password 0 ****

!

!

ip nat inside source route-map WAN1 interface FastEthernet0 overload

ip nat inside source route-map WAN2 interface Dialer0 overload

ip nat inside source static tcp 192.168.2.131 80 50.78.x.x 80 route-map WAN1 extendable

ip nat inside source static tcp 192.168.2.131 80 69.0.x.x 80 route-map WAN2 extendable

ip nat inside source static tcp 192.168.1.210 3389 69.0.x.x 3389 route-map WAN2 extendable

ip route 0.0.0.0 0.0.0.0 50.78.x.x track 123

ip route 0.0.0.0 0.0.0.0 Dialer0 track 456

!

!

!

route-map WAN1 permit 10

match interface FastEthernet0

!

route-map WAN2 permit 10

match interface Dialer0

!

ip sla 1

icmp-echo 8.8.8.8 source-interface FastEthernet0

threshold 40

timeout 1000

frequency 3

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo 4.2.2.2

threshold 40

timeout 1000

frequency 3

[/CODE]

I can access the 192.168.2.131 web server using the ISP1 ip but not ISP2 ip

If i shutdown ISP1 interface the server becomes accessible through ISP2.

Also while ISP1 is active I can't remote desktop to 192.168.1.210

There are no acls, firewall zones or anything else.

I would appreciate any help on this.

538
Views
0
Helpful
0
Replies
CreatePlease to create content