Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1060
Views
0
Helpful
0
Replies

ISR 4321 NAT issue

tsai.jack
Level 1
Level 1

‎10-26-2016 02:18 PM - edited ‎03-03-2019 08:23 AM

Cisco document says that LTE cell interface dose not like anything goes out without using the interface IP address.  When my 4321 router is using the LTE cell interface as its only way to get out, I cannot get a continuous ping to the LTE cell interface from outside.  There will be multiple timed out's periodically.  All interfaces are down except the cell interface.  When it was in our office without the Ethernet connection, the continuous ping never dropped.  The cell interface signal is good and the SNR is 4db.

Can someone shed a light as to the cause of the interface drops?

Thanks,

Jack

Reply from 166.153.83.97: bytes=32 time=155ms TTL=241
Reply from 166.153.83.97: bytes=32 time=123ms TTL=241
Reply from 166.153.83.97: bytes=32 time=122ms TTL=241
Reply from 166.153.83.97: bytes=32 time=281ms TTL=241
Reply from 166.153.83.97: bytes=32 time=120ms TTL=241
Reply from 166.153.83.97: bytes=32 time=139ms TTL=241
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Reply from 166.153.83.97: bytes=32 time=393ms TTL=241
Reply from 166.153.83.97: bytes=32 time=344ms TTL=241
Reply from 166.153.83.97: bytes=32 time=303ms TTL=241
Reply from 166.153.83.97: bytes=32 time=270ms TTL=241
Reply from 166.153.83.97: bytes=32 time=239ms TTL=241

ip access-list extended natvz-list
deny ip host 166.153.83.97 any
deny ip any 10.0.0.0 0.255.255.255
deny ip any 207.126.0.0 0.0.31.255
deny ip any 192.168.0.0 0.0.255.255
deny ip any 172.16.0.0 0.15.255.255
deny ip any 204.63.16.0 0.0.15.255
permit ip any any

ip nat inside source route-map natpri interface GigabitEthernet0/0/1 overload
ip nat inside source route-map natvz interface Cellular0/1/0 overload

interface GigabitEthernet0/0/1
description Primary Internet Connection (BrightHouse)
ip address 107.144.29.154 255.255.255.252
ip nat outside
negotiation auto

interface Cellular0/1/0
description Secondary Internet Connection via LTE Card (Verizon)
ip address negotiated
ip nat outside
ip access-group 11 in
dialer in-band
dialer idle-timeout 0
dialer watch-group 1
pulse-time 1
crypto map static-map

access-list 11 deny 4.2.2.2
access-list 11 permit any

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents