11-19-2013 04:42 AM - edited 03-11-2019 08:06 PM
Hello,
Trying to figure out if possible to run SLA monitor if I have dual dynamic ISP (DHCP), as both interfaces have setroute. How can I then track one of the connections?
Best regards
Jorgen
Solved! Go to Solution.
11-19-2013 07:08 AM
If you click on the link I provided it will take you to the section in the document where you will find the configuration required and explanation for the commands.
sla monitor 10
type echo protocol ipIcmpEcho
sla monitor schedule 10 start-time now life forever
track 1 rtr 10 reachability
interface phy_if
dhcp client route track track_id
the IP address in the sla monitor command should be a reliable address (perhaps a DNS server on the internet lik 4.2.2.2), that is if you do not have an IP at the ISP end you can ping.
--
Please rate all helpful posts.
11-19-2013 07:59 AM
On the interface that you are not doing the tracking you need to modify the ad distance, this is done the next way:
enable
config t
interface vlan 3
dhcp client route distance 254
The interface VLAN 3 is the interface backup where you will have your backup ISP. For obvious reasons the interface needs a nameif this is just an example on how to set the route distance.
Juan Mora
We help you rate it!!!
11-19-2013 06:54 AM
You would configure tracking as normal but on the physical interface you would add an extra command. Keep in mind that you MUST have the setroute keyword on the IP address command.
interface phy_if
dhcp client route track track_id
ip address dhcp setroute
You can configure static route tracking for statically defined routes or default routes obtained through DHCP or PPPoE. You can only enable PPPoE clients on multiple interface with route tracking.
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ip.html#wp1090243
11-19-2013 06:57 AM
Thanks Marius,
Can you help me with the commands that I need, have never done SLA monotoring.
11-19-2013 07:08 AM
If you click on the link I provided it will take you to the section in the document where you will find the configuration required and explanation for the commands.
sla monitor 10
type echo protocol ipIcmpEcho
sla monitor schedule 10 start-time now life forever
track 1 rtr 10 reachability
interface phy_if
dhcp client route track track_id
the IP address in the sla monitor command should be a reliable address (perhaps a DNS server on the internet lik 4.2.2.2), that is if you do not have an IP at the ISP end you can ping.
--
Please rate all helpful posts.
11-19-2013 07:59 AM
On the interface that you are not doing the tracking you need to modify the ad distance, this is done the next way:
enable
config t
interface vlan 3
dhcp client route distance 254
The interface VLAN 3 is the interface backup where you will have your backup ISP. For obvious reasons the interface needs a nameif this is just an example on how to set the route distance.
Juan Mora
We help you rate it!!!
11-19-2013 07:59 AM
Good example on the next link:
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/d2.html#wp1947262
11-19-2013 10:04 AM
The reason is because DHCP addresses always give out an AD of 1 and the ASA will not install two default routes on two separate interfaces with the same AD and same prefix.
11-19-2013 10:05 AM
Rate our assistance since we deserve it!!
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide