cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3239
Views
0
Helpful
2
Replies

SLA shutdown interface on Cisco ISR 4331 if IP unreachable

erick.olson1
Level 1
Level 1

Hello,

We're accepting incoming traffic from clients on a Cisco ISR 4331 AX and using a PBR to direct all traffic to a virtual Barracuda web filter (10.153.14.105).

If the Barracuda is down, for whatever reason, the traffic instead defaults to the default route, which allows unrestricted access to the internet.

Because of this, we want to be able to monitor the Barracuda IP: 10.153.14.105 and shutdown the interface on the Cisco router which we are accepting traffic (tunnel0) if the router detects that Barracuda is down.

We then want to be able to bring up the tunnel0 interface 120 seconds after the router see that the Barracuda is online.

We've tried to create an SLA to achieve this, but the tunnel doesn't go down (or come back up..) 

Any tips on how we can make this work? 


Here is what we have so far:

track 1 ip sla 1
ip sla auto discovery
ip sla 1
icmp-echo 10.153.14.105
frequency 10
ip sla schedule 1 life forever start-time now

!
event manager applet IPSLA_Down
event track 1 state up maxrun 20
action 1 wait 3
action 2 cli command "enable"
action 3 cli command "config t"
action 4 cli command "tunnel0"
action 5 cli command "shutdown"
!
event manager applet IPSLA_Up
event track 1 state up maxrun 150
action 1 wait 120
action 2 cli command "enable"
action 3 cli command "config t"
action 4 cli command "tunnel0"
action 5 cli command "no shutdown"

2 Replies 2

Joe Clarke
Cisco Employee
Cisco Employee

You're missing the "interface" keyword in actions 4:

 

action 4 cli command "interface tunnel0"

Also,

event manager applet IPSLA_Down
event track 1 state down maxrun 20

Review Cisco Networking for a $25 gift card