Hi, let me jump in here in relief to the commendable efforts by Joe.

To solve the "translation in use" problem, try "clear ip nat translation forced", then QUICKLY "conf t" and the suggested commands.

If that doesn't work, disconnect all cables except console, reload router, configure as suggested, reconnect cables.

Good luck!

Doh! I forgot FE1 does DHCP.

config t

ip access-list ext 102

1 permit udp any any eq bootpc

2 permit udp any any eq bootps

do write memory

int fa1

shut

no shut

do sh ip int brief

Joe,

Added the commands you referenced, also followed the steps offered by other engineer.

The router appears to not allow me to have both:

ip nat inside source list 1 interface FastEthernet0 overload

and

ip nat inside source list 1 interface FastEthernet1 overload

As soon as insert the command containing fa1, it overwrite or removes the same command containing fe0. When fe1 is the only statement in the config, I can access the Internet. When fe0 is in the config all works just fine. I have attached lastest config, also shows the IP INT Status and now both interfaces are up.

Am I missing something silly simple?

Sorry to drag this issue out, but I just want the failover redundancy to work...

THANKS!

Hi,

please configure an access-list 2 that is like 1, and reference it as

ip nat inside source list 2 interface FastEthernet1 overload

Be advised after that you're not done yet, you will need to tie the sla track to default routes, thing that is not done yet. That can be even be a problem as you are suing DHCP, workst case you will have to reference the GW that should never change.

And after you will need the timeout and possibly oer setting for NAT.

Sorry if that is not so easy.

Run the attached commands line by line.

and run this...

config t

interface FastEthernet1

no ip dhcp client route track 20

exit

exit

write memory

Do This - Add two route maps and two NAT overloads pointing to the same ACL

route-map INTERNET_FA0 permit 10

match ip address 1

match interface FastEthernet0

!

route-map INTERNET_FA1 permit 10

match ip address 1

match interface FastEthernet1

ip nat inside source route-map INTERNET_FA0 interface FastEthernet0 overload

ip nat inside source route-map INTERNET_FA1 interface FastEthernet1 overload

Now here is the problem your going to run into. DHCP by default has an administrative distance of 254 (REALLY dumb Cisco!) so when you do your routing, how is it going to know which path to take to the internet if you have a routing protocol running? One way is to reduce the AD is with "ip dhcp-client default-router distance 1" but now here it introduces a new problem. If both your wan links are DHCP, it applies the same AD to both routes "ip route 0.0.0.0 0.0.0.0 dhcp" If you try and append a AD to the end of the ip route 0.0.0.0 0.0.0.0 dhcp 100 for the secondary route - IT doesnt seem to work. I see tha you have RFC 1918 Space so I would recommend setting a static IP and route to the Fa1 device and leaving FA0 dhcp. Hope this helps

How come you have an RFC1918 address on your FE1?!? Is that what you get from your ISP? And what kind of address did you get when connecting the laptop directky into the modem?

Could you try and disconnect the primary line and from the CLI ping 4.2.2.1? With no filters on the FE1 interface BTW.