08-26-2014 11:48 AM - edited 03-04-2019 11:37 PM
Hello, I would like to help me with something.
I would like to do failover on my cisco router but the problem is that i have two isp but one of them is DSL. I meam that It learns gateway for dhcp and this is my main gateway.
I tried to do the same thing but I can´t put track in this command "ip route 0.0.0.0 0.0.0.0 dhcp.."
I also use "ip dhcp-client default-route 25" but It didn´t work..
could you help me ? please
I upload a file with configuration that i actually have it. In this file I don´t have any configuration about failover because i tried many option but i haven´t found any solution
08-26-2014 01:11 PM
Try these links:
To make the route to DHCP you must use ip dhcp client route track under the interface.
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book.pdf
http://docwiki.cisco.com/wiki/IP_SLA_Tracking_with_Configuration_Example
http://linkstate.wordpress.com/2011/07/15/ip-sla-and-object-tracking/
08-29-2014 01:04 PM
Hello Michael,
I used ip dhcp client route track under the interface but it didn´t work..
do you have any example that the principal gateway is learned by dhcp?
08-29-2014 01:12 PM
You need to create track and SLA first before. After created whatever you named track for example 456 would be ip dhcp client route track 456.
09-01-2014 06:09 AM
I did this but on router didn´t change deafult route.
This is the configuration that i tried:
Current configuration : 9940 bytes
!
! Last configuration change at 22:10:41 UTC Fri Aug 29 2014 by Conssa
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RT_Conssaccs
!
boot-start-marker
boot system flash:c890-universalk9-mz.153-3.M2.bin
boot-end-marker
!
aqm-register-fnf
!
logging buffered 51200 warnings
enable secret 5 $1$RK//$OFh6Dnk96LlX1VFKQwsme.
!
aaa new-model
!
!
aaa authentication login default enable
aaa authentication login consola local
aaa authentication login vty line
aaa authentication login userauthen local
aaa authorization network EZAUTHR local
!
!
!
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-4275920401
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4275920401
revocation-check none
rsakeypair TP-self-signed-4275920401
!
!
!
!
!
!
!
ip dhcp ping timeout 100
!
!
ip dhcp update dns
!
!
ip dhcp-client default-router distance 100
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO891-K9 sn FTX145104B5
!
!
object-group network conssaremoto
description vpnremoto
range
!
object-group network pruebasael
description vpnremoto
range
!
redundancy
!
!
!
!
!
track 1 ip sla 1 reachability
!
!
no ip ftp passive
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 5
lifetime 180
!
crypto isakmp policy 20
encr 3des
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp key cisco address
crypto isakmp keepalive 10 4
!
crypto isakmp client configuration group conssa
key vpnbna
pool conssaVPN
acl 121
mode transport
crypto ipsec transform-set TSET esp-3des esp-md5-hmac
mode tunnel
!
crypto ipsec profile CiscoCP_Profile1
set transform-set ESP-3DES-SHA
set pfs group5
!
crypto ipsec profile EZPROFILE
set transform-set TSET
!
!
!
!
!
!
!
interface Tunnel0
description VPNConssaCCs
bandwidth 1000
ip address
ip mask-reply
ip mtu
ip nhrp authentication DMVPN_NW
ip nhrp map multicast
ip nhrp map
ip nhrp network-id 100000
ip nhrp holdtime 360
ip nhrp nhs
ip nhrp registration no-unique
ip nhrp registration timeout 30
ip tcp adjust-mss 1360
delay 1000
tunnel source GigabitEthernet0
tunnel destination
tunnel key 100000
tunnel protection ipsec profile CiscoCP_Profile1
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
switchport access vlan 2
no ip address
shutdown
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
no ip address
!
interface FastEthernet5
no ip address
!
interface FastEthernet6
no ip address
!
interface FastEthernet7
no ip address
!
interface FastEthernet8
description $ETH-WAN$
no ip address
shutdown
duplex auto
speed auto
!
interface Virtual-Template1 type tunnel
ip unnumbered Vlan1
tunnel mode ipsec ipv4
tunnel protection ipsec profile EZPROFILE
!
interface GigabitEthernet0
description $ETH-WAN$
ip dhcp client route track 1
ip ddns update hostname
ip ddns update noip
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Vlan1
description $ETH-LAN$
ip address
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Vlan2
no ip address
shutdown
!
interface Async1
no ip address
encapsulation slip
!
!
!
ip local policy route-map prueba
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http client username conssa
!
!
ip nat inside source list 1 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 10.10.6.1 200
!
ip sla auto discovery
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0
frequency 5
ip sla schedule 1 life forever start-time now
no logging trap
no cdp run
route-map prueba permit 10
match ip address 101
set ip next-hop dynamic dhcp
access-list 1 permit any
access-list 101 permit icmp any host 8.8.8.8 echo
--------------------------------------------------------------------------------------------------------------
sh ip route
Gateway of last resort is 200.84.32.1 to network 0.0.0.0
S* 0.0.0.0/0 [100/0] via 200.84.32.1
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
09-01-2014 06:25 AM
09-02-2014 01:35 PM
Yes, because the router learn that route by dhcp.
0.0.0.0/0 [100/0] via 200.84.32.1
08-28-2014 01:09 PM
Hi there,
Please check thread, it will help you.
https://supportforums.cisco.com/discussion/10955306/ip-sla-cisco-3750-default-route-failover
Thanks
Rizwan Rafeek
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: