I have been trying to work out how to allow access to a website via https with a failover dsl solution. I have already configured the failover dsl using route-maps and a ip sla track and I now have smtp working on both public IP addresses if the one dsl circuit fails.
What I want to try to do now is be able to have a round robin DNS for a URL like remote.mydomain.com and have this resolve to two public IP addresses, then on the router enabled a static NAT for https from each public ip address to two ip addresses on my web server, this should then allow multiple connections to IIS as I have an ip listening on https for each connection.
The problem is routing now, I can make the static NAT work if I connect on the public ip that is the default route for 0.0.0.0, if I shutdown my ATM0/0/0.1 interface the Dialer0 becomes the default route and I can access the website via the static NAT on the Dialer0 public ip and I know this is because the route to 0.0.0.0 is updated to the interface I am connecting in on.
The question is, how do I enable access from either public IP address so I can provide access to the website, will this need to involve Policy Based Routing so that I can direct traffic out of the dialer0 interface if the traffic originates from this interface?
one thing you can do is to source-nat the traffic coming from outside directed to your 2 public IP addresses using 2 different pools. This way you can have the return traffic (from your network to the outside) going out the interface it came from.
At present I use two static NAT statements for the access to the web server from the two public IPs, are you suggesting I should use a route map in the NAT statement to match an ACL that states the source interface of the traffic?
If you could show me an example of what you are suggesting I am sure I get this working?
Thanks for your help, the route map has done the trick. I added an ACL for the traffic back from my server and then in the route map set the interface to send the traffic out from instead of the next hop as I have a dynamic ip on this circuit. Then I added the static NAT to the secondary inside ip address and the web site works from both public ip addresses.
I shall read up some more on PBR and Route Maps. Thanks for your help
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.