I am trying to set up bonded T1 to failover to DSL. Below is my set up.
An ASA 5505 is connected to inside network and also conencts to f0/0 on a 2811. 2811 has dual T1 cord with two T1 bonded using MLPPP. Multilink interface is my promary route ti Internet.
2811's F 0/1 is conencted to a DSL router. When I shut down multilink, trying to get to 126.96.36.199 works fine from 2811 as does a number of other IP address I tried (ping and trace-route). With multilink down, sourcing pings to 188.8.131.52 from router works. However, when a user from LAN tries to connect to Internet, it fails.
Based on your description of the symptoms I would guess that the traffic coming out of the ASA has been translated to an address that is associated with the T1/multilink. When you take that link down and send traffic over the DSL you can send it out ok. But I would guess that responses are attempting to come back over the T1/multilink since that is where the source address belongs logically.
My guess is that to fix it you will need to configure address translation so that any traffic that is sent over the DSL gets translated to an address that is associated with the DSL.
Router does not do any translation. All inside addresses are translated to ASA's outside. I also turned off NAT on DSL router so there would not be any double-NAT issues. I just worked with customer and replaced T1 as static route with route to DSL as new static. From router, I was again able to ping 184.108.40.206 but not from a laptop directly connected to Cisco.
I can not tell whether you agree with my theory of the problem or not. It seems to me that the ASA is translating addresses with an address (or an address pool) that is associated with the multilink. When you stop the multilink and send traffic out the DSL the translated address is no longer the correct address to use.
Perhaps it would help to clarify the issue if you would tell us what address space is used on the multilink, what address space is used on the ASA (and what addresses are used for translation) and what address space is used on the DSL.
I should have mentined...I initially did not agree with you. BUT, I see your point. The IP Address ASA uses for translation is 220.127.116.11 (overload) which is associated with Multilink pool. IP Addresses on the link between Cisco and DSL is also from Multilink pool as well. So to resolve this, I should use IP addresses from DSL pool on link between Cisco and DSL router and perform NAT on Cisco.
I am glad that my suggestions were able to help you to resolve your issue. Thank you for using the rating system to indicate that your issue was resolved (and thanks for the rating). It makes the forum more useful when people can read an issue and can know that there was a response which did resolve the issue.
The forum is an excellent place to learn Cisco networking. I encourage you to continue your participation in the forum.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...