I have an 800 series router with a 3G cell backup.
The system is used on a boat and the WAN (FA4) port connects via marina wifi when the boat is docked.
FA4 is connected to an external wifi bridge that associates with marina wifi when they are in range.
When no wifi is available, the Cellular0 interface is used.
I am using SLA and event manager applets to restablish NAT and Tunnel source to the appropriate interface when the tracked state changes to Up (or Down).
The applicable config statements are below:
!
track 1 ip sla 1 reachability
!
ip nat inside source list 1 interface Cellular0 overload
ip route 0.0.0.0 0.0.0.0 10.11.12.1 track 1
ip route 0.0.0.0 0.0.0.0 Cellular0 100
!
ip sla 1
icmp-echo zzz.zzz.zzz.zzz source-interface FastEthernet4
ip sla schedule 1 life forever start-time now
!
access-list 1 remark CCP_ACL Category=18
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 10.11.12.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip host yyy.yyy.yyy.yyy any (Tunnel destination)
dialer-list 1 protocol ip permit!
!
event manager applet track-sla
event track 1 state down
action 1.0 syslog msg "Changing Tunnel Source to 3G-Cellular"
action 1.1 cli command "enable"
action 1.2 cli command "clear ip nat trans *"
action 1.3 cli command "configure terminal"
action 1.4 cli command "no ip nat inside source list 1 interface FastEthernet4 overload"
action 1.5 cli command "yes"
action 1.6 cli command "ip nat inside source list 1 interface Cellular0 overload"
action 1.7 cli command "int tu0"
action 1.8 cli command "tunnel source Cellular0"
action 1.9 cli command "end"
event manager applet track-sla1
event track 1 state up
action 1.0 syslog msg "Changing Tunnel Source to Fa4"
action 1.1 cli command "enable"
action 1.2 cli command "clear ip nat trans *"
action 1.3 cli command "configure terminal"
action 1.4 cli command "no ip nat inside source list 1 interface Cellular0 overload"
action 1.5 cli command "yes"
action 1.6 cli command "ip nat inside source list 1 interface FastEthernet4 overload"
action 1.7 cli command "int tu0"
action 1.8 cli command "tunnel source fa4"
action 1.9 cli command "end"
!
When wifi (internet) connectivity is down I need to have a host on the LAN connect to the wifi bridge (10.11.12.1). The routing table has the 10.11.12.0 network correctly entered. However, when I try to ping the wifi bridge from a host on the LAN there is no response. I can ping the wifi bridge from the router's own CLI prompt. When a host attempts to ping or http to the wifi bridge, the NAT translation table will have an entry for that address. So apparently the router is trying to NAT the address and it is getting sent out the wrong interface. (see below outputs)
Router#sho ip ro
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S* 0.0.0.0/0 is directly connected, Cellular0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.11.12.0/24 is directly connected, FastEthernet4
L 10.11.12.194/32 is directly connected, FastEthernet4
xxx.xxx.0.0/32 is subnetted, 1 subnets
C xxx.xxx.168.230 is directly connected, Cellular0
D 192.168.0.0/24 [90/2818560] via 192.168.100.1, 00:22:20, Tunnel0
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, Vlan1
L 192.168.10.225/32 is directly connected, Vlan1
D 192.168.30.0/24 [90/3074560] via 192.168.100.1, 00:22:20, Tunnel0
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, Tunnel0
L 192.168.100.3/32 is directly connected, Tunnel0
Router#sho ip nat tran
Pro Inside global Inside local Outside local Outside global
icmp xxx.xxx.168.230:1 192.168.10.232:1 10.11.12.1:1 10.11.12.1:1
tcp xxx.xxx.168.230:50502 192.168.10.232:50502 10.11.12.1:80 10.11.12.1:80
Does anyone have any suggestions/ideas on what is preventing the pings from being routed through the correct interface?
