OK I see where this is going wrong. When you reconnect the fibre box, the routing table still does not have an entry for 0 /0 as it is not being inserted due the tracking object.

You are better off determining what the first hop IP of your ISP it. With the ISP1 link working run a traceroute from a PC and take note of the second hop IP. Make the following adjustments:

!
ip sla 2
 icmp-echo <second_hop_ip> source-ip 192.168.1.254
!
ip route <second_hop_ip> 255.255.255.255 192.168.1.1
!

Since we don't know the subnet of the ISP link to the internet we are going to use a /32 route. Now your router will always know how to reach the other end of your ISPs fibrelink, so when you reconnect it, tracking object 3 will return TRUE and the default route will be installed.

cheers,

Seb.

Hy

thank yo ufor your help.

And i remplace second hop ip by 8.8.8.8?isnt it? or the wan 2 ip?

Thank you again

Replace 8.8.8.8 with the second hop IP (which is the first hop for the fibrebox router).

thanks a lot

this is my new configuration 

service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname routeur-cisco1811
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 xxxx
!
aaa new-model
!
!
aaa authentication login default local
!
!
aaa session-id common
!
!
dot11 syslog
ip source-route
!
!
ip dhcp excluded-address 192.168.9.1
ip dhcp excluded-address 192.168.9.11
ip dhcp excluded-address 192.168.9.12
ip dhcp excluded-address 192.168.9.13
ip dhcp excluded-address 192.168.9.14
ip dhcp excluded-address 192.168.9.15
 ip dhcp excluded-address 192.168.9.253
ip dhcp excluded-address 192.168.9.254
ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.2.253
ip dhcp excluded-address 192.168.2.254
!
ip dhcp pool MULTIMEDIA_LAN
   network 192.168.9.0 255.255.255.0
   dns-server 8.8.8.8 8.8.4.4
   default-router 192.168.9.254
!
!
ip dhcp pool CASA_LAN
   network 192.168.2.0 255.255.255.0
   dns-server 8.8.8.8 8.8.4.4
   default-router 192.168.2.254

!
ip cef
no ip domain lookup
ip domain name domoticity.com
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
username domoticity privilege 15 secret xxxxxx
!
!
!
archive
 log config
  hidekeys
!
!
ip ssh time-out 60
ip ssh logging events
ip ssh version 2
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
!
track 3 list boolean and
 object 1
 object 2
!
!
!
interface FastEthernet0
 description Acces principal FTTH
 ip address 192.168.1.254 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
no shutdow
!
interface FastEthernet1
 description Acces secour 3/4G
 ip address 10.0.0.254 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
no shutdow
!
interface FastEthernet2
 switchport access vlan 2
no shutdow
!
interface FastEthernet3
 switchport access vlan 3
no shutdow
!
interface FastEthernet4
 switchport access vlan 4
no shutdow
!
interface FastEthernet5
 switchport access vlan 5
no shutdow
!
interface FastEthernet6
 switchport access vlan 6
no shutdow
!
interface FastEthernet7
 switchport access vlan 7
no shutdow
!
interface FastEthernet8
 switchport access vlan 8
no shutdow
!
interface FastEthernet9
 switchport access vlan 9
no shutdow
!
interface Vlan1
 no ip address
!
interface Vlan2
 description domoticity
 ip address 192.168.2.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan3
 description casa
 ip address 192.168.3.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan4
 description stockage
 ip address 192.168.4.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan5
 description domotique et cameras
 ip address 192.168.5.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan6
 description sentinelle
 ip address 192.168.6.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan7
 description Monotoring surveillance generale
 ip address 10.1.1.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan8
 description Orange travail
 ip address 192.168.8.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Vlan9
 description Serveurs multimedia
 ip address 192.168.9.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
no shutdow
!
interface Async1
 no ip address
 encapsulation slip
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.1 track 3
ip route 0.0.0.0 0.0.0.0 10.0.0.1 10
no ip http server
no ip http secure-server
!
!
ip nat inside source route-map BACKUP_ISP interface FastEthernet1 overload
ip nat inside source route-map MAIN_ISP interface FastEthernet0 overload
!
ip sla 1
 icmp-echo 192.168.1.1 source-ip 192.168.1.254
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 10.0.0.254 source-ip 192.168.1.254
ip sla schedule 2 life forever start-time now
!
ip route 10.0.0.254 255.255.255 192.168.1.1
!
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 permit ip 192.168.3.0 0.0.0.255 any
access-list 100 permit ip 192.168.4.0 0.0.0.255 any
access-list 100 permit ip 192.168.5.0 0.0.0.255 any
access-list 100 permit ip 192.168.6.0 0.0.0.255 any
access-list 100 permit ip 192.168.8.0 0.0.0.255 any
access-list 100 permit ip 192.168.9.0 0.0.0.255 any
access-list 100 permit ip 10.1.1.0 0.0.0.255 any
!
!
!
!
route-map BACKUP_ISP permit 10
 match ip address 100
 match interface FastEthernet1
!
route-map MAIN_ISP permit 10
 match ip address 100
 match interface FastEthernet0
!
!
!
control-plane
!
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 transport input ssh
line vty 5 15
 transport input ssh
!
event manager applet CLEAR_NAT_DOWN
 event track 3 state down
 action 1.0 cli command "enable"
 action 2.0 cli command "clear ip nat translations forced"
event manager applet CLEAR_NAT_UP
 event track 3 state up
 action 1.0 cli command "enable"
 action 2.0 cli command "clear ip nat translations forced"
!
end

So now, when i disconnect the wan1(fa0) it balances to the wan2(fa1).

When i connect again the wan1,i stay in the wan2 but if i reload the cisco router or i disconnect and connect again the wan2, it comes back to the wan1. For me it's ok, i don't ask more lol. 

But if i cut the fiber supply, links between fiber router and cisco router always plugged, no balance.

Another problem lol

Thank you for your help and patience

When you reconnect WAN1, what is the output of:

sh ip route

sh track

Hy,

for the problem of disconnecting and connecting again the wan1,it works now, after a reboot of my fiber box.

But it stays the problem when i lose the fiber supply.

If i have a lose of internet in my fiber line, the cisco router stay routing by the wan1(eth0).

If that is true, then ip sla 2 must have the wrong target IP. With the fibre disconnected tracking object 2 should return false.

!
ip sla 1
 icmp-echo 192.168.1.1 source-ip 192.168.1.254
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 10.0.0.254 source-ip 192.168.1.254
ip sla schedule 2 life forever start-time now
!
ip route 10.0.0.254 255.255.255 192.168.1.1

That's i have put for the ipsla 2. 

10.0.0.254 is the address ip of the wan2(FA1)

192.168.1.254 is the address ip of the wan1(FA0)

192.168.1.1 is the address of my fiber box.

Not included but 10.0.0.1 is the address ip of my router 4g.

 instead 

icmp-echo 10.0.0.254 source-ip 192.168.1.254

do i put  

icmp-echo 10.0.0.1 source-ip 192.168.1.254

I am a few lost lol

Maybe a diagram will help:

                   SLA1                         SLA2
                    +                            +
                    |                            |
                    |                            |
                    |                            |
+------------+      |     +----------+           |   +---------+
|            |      |     |          |           |   |         |
| router     |      +---> | fiber box|           +-> |ISP1     |
|            +------------+          +---------------+         |
|            |    LinkA   |          |   LinkB       |         |
+------------+            +----------+               +---------+

Both ip sla jobs need to be sourced from the router interface on LinkA.

ip sla job 1 needs to have a destination of the fibrebox interface on LinkA.

ip sla job 2 needs to have a destination of the ISP interface on LinkB. For a PC plugged into your router, performaing a traceroute whilst the ISP1 route is functional, the IP address you want to use will be the second hop.

Likewise the new ip route statement needs to specifiy the ISP interface on LinkB as the destination host:

!
ip route <ISP_interface_ip> 255.255.255.255 192.168.1.1
!

cheers,

Seb.

Hy,

sorry to answer just now, a lot of work.

So if i have understood with your diagramm,i should put my isp ip,so my wan ip address.

My provider is Orange,and i think we haven't Fixed ip.

I have a no-ip count, is it good?

Sorry if sometime i take time to understand but i have very newie in cisco and i don't speak English very well.

And thank you for your help,very very much

I have modified my configuration according to your Diagram and everything is ok. :) :) :) :)

Thank you very very very very much.

Fail over works.

It stays the Rights of connections between Vlan.

If i have understood, i make an access-list standard with all ip allowed.

for Example :

p access-list 112 permit  192.168.3.0 0.0.0.255
ip access-list 113 permit  0.0.0.0 0.0.0.0
interface fastEthernet 2
ip access-group 112 in
interface fastEthernet 3
ip access-group 113 in

thank again

Since now you are using a new SLA, you have to change the event tracker:

event track 2 state down

event track 2 state up

Sorry, but i don't understand the manipulation to do.

Hello, you have to change the event track number (to 3 actually, since that is what your default route is tracking):

event manager applet CLEAR_NAT_DOWN
event track 3 state down
action 1.0 cli command "enable"
action 2.0 cli command "clear ip nat translations forced"
event manager applet CLEAR_NAT_UP
event track 3 state up
action 1.0 cli command "enable"
action 2.0 cli command "clear ip nat translations forced"