Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Changing ISP's and NAT and routing

We're changing IPS's and have a new block of IP's from the new ISP. While we are doing this, both are running and we need to be able to have our websites whatnot available through either ISP.

We have one router, a 2811 ISR running 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(25b).

Originally we ran like this (IP blockes changed, netmasks are the same thoug)

external interface fe0/0 - - default route

This interface has `ip nat outside` defined on it

We had an IP block of with which we were using static NAT entries to enable access from our customers to the services we're running, such as:

ip nat inside source static extendable

That worked just fine, and going out through our old ISP still does. The problem is with the traffic from the new ISP.

External interface is Vlan2, the 2811 has a 4 port addon module, - default route

This interface also has `ip nat outside` defined on it.

The routers default route is through the Old ISP.

From the new ISP we have the IP block We added similar static NAT entries as above:

ip nat inside source static tcp extendable

Now, traffic does come in from the New ISP and that nat translation does happen ( to, however if you were to browse to, your browser would just sit there and eventually time out. I believe what is happening is that the router is sending the return traffic out the default route, which goes out to the old ISP and not back out the interface it originated from.

What we are tying to do is have the traffic that should go out throgh the old ISP go out to the old ISP, but traffic from the new circiut should go out the new circuit. This only needs to be for a month or so as we move over, what we are trying to avoid is simply completely shutting off the old one and interupting service. We don't want to load balance traffic.

Exactly how do we go about routing this?