Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ADSL and FR via one router

I am try to configure a 2801 router to access one ISP via two services, Frame Relay and ADSL. I want email traffic to go over FR only and browsing over ADSL. If either of these services fail all traffic should be routed through the active service. The ISP setup FR as the primary route for incoming email traffic. The services are failing over but the problem is: inbound traffic fail to reach a host when the dialer interface is up. From outside I can ping the ethernet interface, the firewall and mail server When I down the dialer interface, but the minute the dialer interface comes up, I cannot ping these anymore including the serial interface. I can only ping the dialer interface. I attached the config. I hope someone can help me.Please review and let me know where the problem is and your solution. Thanks.

4 REPLIES

Re: ADSL and FR via one router

Hi,

All traffic except smtp traffic should be NATed and sent over the dialer0 interface. So once the dialer comes up the ICMP replies will also be NATed and sent over the Dialer0. Therefore the ICMP reply will not contain your official IP addresses from ethernet and your ping application will not recognize them.

So basically I think you have a problem because you need to "think" in Layer 4 (PBR) and not Layer 3.

In case you want to ping for testing purposes you should include ICMP in access-list 120.

Did this help? Please rate all useful posts.

Martin

VIP Purple

Re: ADSL and FR via one router

Hello,

in addition to Martin´s post, I am not sure if NAT is applicable at all in your situation and configuration. Since you seem to be using pubic IP addresses, and since you do not have inside and outside interfaces configured, you might as well take the lines:

ip nat inside source list 1 interface Dialer0 overload

access-list 1 permit any

out of your configuration alltogether.

As to your (policy) routing, I would make the two default routes equal:

ip route 0.0.0.0 0.0.0.0 Dialer0

ip route 0.0.0.0 0.0.0.0 205.80.76.13

that is, dot not specify an administrative distance; and change the Dialer0 to the nxt-hop address, if you know that address:

ip route 0.0.0.0 0.0.0.0 X.X.X.X

ip route 0.0.0.0 0.0.0.0 205.80.76.13

and change the route map as well:

route-map STATIC permit 20

description allow all other outbound traffic on ADSL

match ip address 130

set ip next-hop X.X.X.X

With CEF enabled, the policy route takes precedence, and only if the next hop specified in the route map is not available, the CEF routing table will be consulted, which should contain one entry only as well in case one of the next hop addresses is unavailable...

Does that make sense ?

Regards,

GP

New Member

Re: ADSL and FR via one router

Thanks for you quick response.

I would make things alittle easiler if I can remove the NAT, but If I remove the NAT I can't browse. any ideas as to why? The firewall which is CheckPoint is already do NAT so I don't need to NAT again.

In addition to my config I want to use SAA to track the status of each link. I don't want to limit it to only the availabilty of the next hop, since a FR or a ADSL failure can be further away than the next hop. I was looking at tracking http get to an URL like cisco.com, but you would agree with me that this might be considered as some form of network attack. Any other suggestions?

New Member

Re: ADSL and FR via one router

Hi Martin,

So you are saying that the reason that my inbound traffic is not reaching the hosts is because I need to allow for each of these services in my PBR?

105
Views
0
Helpful
4
Replies