Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
756
Views
3
Helpful
5
Replies

Nat over two WAN link

gbenga.shobowale
Level 1
Level 1

‎04-23-2009 01:02 AM - edited ‎03-04-2019 04:29 AM

Hi all,

I have an issue trying to nat over two links. Currently I can only get it to work over one. I have static routes and I need to have it over both so that if one link is down we use the other link, link an automatic failover.

Below is my current config.

interface FastEthernet0

ip address xxx.xxx.xxx.173 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet1

ip address xxx.xxx.xxx.2 255.255.255.128

ip nat outside

ip virtual-reassembly

speed 10

half-duplex

!

interface Vlan1

ip address 192.168.0.1 255.255.255.0

ip access-group Control in

ip nat inside

ip virtual-reassembly

!

interface Async1

no ip address

encapsulation slip

!

ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.169 151

ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.1 152

!

!

no ip http server

no ip http secure-server

ip nat inside source static 192.168.0.2 interface FastEthernet0

!

ip access-list extended Control

permit ip 192.168.0.0 0.0.0.255 any

Labels:
0 Helpful
5 Replies 5

Sureshdank
Level 1
Level 1

‎04-23-2009 02:09 AM

Hi

Are these Internet links or Interoffice leased lines.

If they are Internet links you can ask your service provider to route the public segment towards both the links at his end. So what happens when reverse packet comes to the ISP end it will find the route towards tow interfaces if any of them is down it will go to the secondary link. Auto load balancing will take place.

Please rate if helpfull.

regards,

Suresh Kumar

0 Helpful

gbenga.shobowale
Level 1
Level 1
In response to Sureshdank

‎04-24-2009 12:19 AM

Thanks Suresh they are both Internet links

0 Helpful

zenon_electronics
Level 1
Level 1

‎04-23-2009 06:52 AM

Hi,

you have to use the "extendable" command at the end of the NAT rule, for example:

ip nat inside source static 192.168.0.2 x.x.x.x extendable

ip nat inside source static 192.168.0.2 y.y.y.y extendable

where x.x.x.x and y.y.y.y are the ip addresses of your interfaces fa0 and fa1.

Make sure you use the IP address not "interdace fastEthernet" command.

Good luck and regards!

gbenga.shobowale
Level 1
Level 1
In response to zenon_electronics

‎04-24-2009 12:27 AM

Thanks but this did not give my desired result as nat now works on one interface but not the other.

I am hoping that the best of both worlds.. I will post another configuration I am trying soon.. just hoping it works

0 Helpful

gbenga.shobowale
Level 1
Level 1
In response to gbenga.shobowale

‎04-25-2009 07:39 AM

ip sla 1

icmp-echo xxx.xxx.xxx.1

ip sla schedule 1 life forever start-time now

!

!

track 123 rtr 1 reachability

!

I tried this to monitor if the link is down.. but for some strange reason putting this on the routing table it says the link is down...

I had to remove it and having the

ip nat inside source static 192.168.0.2 xxx.xxx.xxx.169 extendable

ip nat inside source static 192.168.0.2 yyy.yyy.yyy.1 extendable

Solved the problem

thanks guys ... but really the problem is with the statement when i ping the gw (within the router) it timeout even though I am on the net. I can ping from a workstation.. just wondering ...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card