07-29-2013 01:11 AM - edited 03-04-2019 08:34 PM
Hi, am having trouble trying to setup a 2800 series router as a failover device (please bear in mind that I am fairly new to IOS).
The device has two ADSL modules installed which will be used as a direct connection to the ADSL lines rather than go through a seperate modem.
I am looking for the config so I am able to connect to either connection and should the primary connection fail the secondary connect takes over.
I have been trying to configure this on and off for a while however am struggling even to get the router to successfully connect to the ISP.
07-29-2013 04:33 AM
Often asked had you searched before asking.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080950834.shtml
Firts have that working , then you can move to the redundacy part, that is often asked here as well.
Note IOS is not easy and not apt for beginners, better would be if youse an RV series routers.
07-29-2013 04:55 AM
Paolo,
I am happy to help the gentleman to get it working even though the topic has been discussed here several times.
Best regards,
Peter
07-29-2013 05:01 AM
Peter Paluch wrote:
Paolo,
I am happy to help the gentleman to get it working even though the topic has been discussed here several times.
Best regards,
Peter
No problem, but is worth for anyone to know that the matter is the subject already of many great documents and answers.
07-29-2013 05:18 AM
Hi Paolo,
No doubt about that.
It's just that we - as people representing the CSC and all its expertise, courtesy and willingness to help others by which it is considered one of the finest voluntary forums around - should not fall back to RTFM kind of answers, though sometimes it really looks like we are. No one is helped by that approach.
If there are documents that already cover the topic being discussed, let's have them quoted, absolutely. But let's not try to stop the discussion entirely just because any of us does not feel comfortable answering it. Lots of other people here have gained their great reputation by answering exactly those little repetitive tidbits we are already tired of responding to, and they have helped others immensely. That's why - and the only why - CSC is here.
Best regards,
Peter
07-29-2013 05:42 AM
Well said Peter - we were all novices once. And we have all known people along our journey who have taken the time and effort to explain complex things to us and we remember and appreciate those people.
07-31-2013 04:24 AM
Hello Phil,
Let's continue here so that the indented threading does not limit the available space for answers.
Your current output looks good! According to the output, both your ADSL connections are up and running and they have received an IP address! Congratulations so far!
Please try these pings:
ping 81.139.64.1
ping 88.104.224.1
Both of them should be successful - these are the IP addresses of the ISP. If that works, try pinging 4.2.2.2 or 8.8.8.8 - they should be successful as well.
If you can not access internet from your host please double check its IP settings. In fact, I recall we have not configured any DNS server in the DHCP pool on your router, so your PC is probably unable to ping or contact any domain names, but it should be capable of pinging all IP addresses suggested here so far! Can you test this?
If pinging IP addresses from the PC works, just please go to your router's configuration, enter the DHCP pool configuration and add the following line:
import all
This will cause your router to ask the ISP via PPP/IPCP for various IP settings including the addresses of DNS servers, and add them to the DHCP pool dynamically. After you do this, shutdown and reactivate both Dialer interfaces (this is necessary as we need to renegotiate IP settings with your ISP and request DNS server addresses along with it), and then, do ipconfig /release and ipconfig /renew on your PC. Then try pinging valid hostnames from your PC.
Let me know.
Best regards,
Peter
07-31-2013 06:04 AM
will test it out tomorrow morning,
dialer interfaces shutdown/ reactivate is there a renew/ reload option for this is or is it a case of opening up the config for each to force the chances?
07-31-2013 06:22 AM
Hello Phil,
You have to specifically enter the Dialer1 and Dialer2 interface configuration and shutdown / no shutdown them. I do not know any command outside the configuration mode that would "cycle" the interfaces.
Best regards,
Peter
08-01-2013 01:22 AM
Right tested it this morning and was able to ping both ISP Gateway addresses and 4.2.2.2 / 8.8.8.8 successfully.
shutdown/ no shudown cycled the dialers and release ip settings of the laptop I was using, was still unable to ping any url or url's ip address though can do so through the router itself (ping IP addresses via console).
any thoughts
08-01-2013 02:22 AM
Hello Phil,
At this moment I need to see your complete running-config. Please capture show running-config output and post it here. Remove sensitive information such as passwords but otherwise, keep it intact.
Best regards,
Peter
08-02-2013 02:31 AM
08-02-2013 10:37 AM
Hi Phil,
Your configuration is almost correct - it's just that you have inadvertently mixed uppercase and lowercase when editing the DHCP pools. Their names are case sensitive, and you have inadvertently created another DHCP pool.
Simply enter the following commands into your configure terminal mode:
no ip dhcp pool lan1
ip dhcp pool LAN1
dns-server 4.2.2.2
end
Then do the usual ipconfig /release and ipconfig /renew on your PC and try accessing internet again. If this does not work please issue the following command on the PC and post the results here:
tracert -d 158.193.138.7
I am interested to see where the traceroute stops.
Best regards,
Peter
08-02-2013 10:15 PM
Hello Phil,
Based on your description, I understand that you have two ADSL connections and you need configurations to set-up the PPPOA connections and also would like to have a fail-over functionality between these two WAN connections.
Please find the below set of configurations that can help you set this up,
1. Sample configuration to set-up the PPPOA connection,
a. Configure Ingress (LAN) interface:
Router(config)#interface Gig 0/0 (Any Ethernet/LAN facing port)
Router(config-if)#description internal interface
Router(config-if)#ip address x.x.x.x x.x.x.x
Router(config-if)#ip nat inside
Router(config-if)#no shut
b. Configure Egress(WAN) interface:
Router(config)#interface ATM0
Router(config-if)#no ip address
Router(config-if)#no shut
Router(config-if)#no atm ilmi-keepalive
Router(config-if)#dsl operating-mode auto
Router(config)#interface ATM0.1 point-to-point
Router(config-subif)#pvc 0/38
Router(config-if-atm-vc)# encapsulation aal5mux ppp dialer
Router(config-if-atm-vc)# dialer pool-member 1
Router(config-if-atm-vc)# exit
c. Configure Dialer interface:
Router(Config)#interface dialer1
Router(Config)#ip address negotiated
Router(Config)#ip mtu 1492
Router(Config)#ip nat outside
Router(Config)#encapsulation ppp
Router(Config)#dialer pool 1
Router(Config)#dialer-group 1
Router(Config)#ppp authentication chap pap callin
Router(Config)#ppp chap hostname xxxxx
Router(Config)#ppp chap password xxxxx
Router(Config)#end
Follow the same steps for the Second ADSL port as well but ensure you create another Dialer interface (Dialer 2) and also ensure to use "dialer pool-member 2" under ATM interface and "dialer pool 2" under the new Dialer 2 interface.
2. NAT configurations for DUAL-WAN set-up:
a. Create an Access-list permitting the LAN subnet intending to access the internet,
access-list extended 101
permit ip 10.10.0.0 0.0.0.255 any (for example 10.10.0.0/24 is considered as LAN subnet).
b. Create Route-maps,
route-map PRIMARY_WAN permit 10
match ip address 101
set interface Dialer 1
route-map SECONDARY_WAN permit 20
match ip address 101
set interface Dialer 2
c. Configure the NAT statement,
ip nat inside source route-map PRIMARY_WAN interface Dialer 1 overload
ip nat inside source route-map SECONDARY_WAN interface Dialer 2 overload
Make sure to add "ip nat inside" and "ip nat outside" on the Ingress and the Egress interfaces respectively.
3. WAN failover functionality (IP SLA),
(config)#ip sla 1
(config-ip-sla)#icmp-echo 4.2.2.2 source-interface Dialer 1
(config-ip-sla)#exit
(config)#track 1 ip sla 1 reachability
(config-track)#exit
(config)#ip sla schedule 1 life forever start-time now
Create default route statements and a permanent static route to reach 4.2.2.2,
ip route 0.0.0.0 0.0.0.0 Dialer 1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer 2 100
ip route 4.2.2.2 255.255.255.255 Dialer 1 permanent.
Try these configurations and let me know how it goes
Cheers,
Mithun
08-02-2013 11:32 PM
Hello Mithun,
Thank you for joining and for your willingness to help Phil!
I would like to kindly ask you for more observance of what has been accomplished in this thread so far before posting. Notice that we have already created a configuration for connectivity via both ADSL links, so posting another configuration that does not perfectly align with Phil's current configuration can cause confusions. Except for IP SLA which we have not yet implemented as we want first to have well working basic connectivity and only then proceed towards configuring the IP SLA-driven redundancy, Phil's current configuration already contains everything you have suggested.
Going over your suggested configuration, I see commands that pop up in many similar configuration templates and are not entirely correct. You may want to update or remove these commands from your templates:
Best regards,
Peter
08-03-2013 09:56 AM
Hello Peter,
I think I missed the long history of steps that were suggested here and I just wanted to provide the config Phil was looking to realize the set-up.
Sorry for any inconvenience caused.
I agree with your views on the above 3 commands, but I can assure you those would not cause any harm to the set-up either.
Cheers,
Mithun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide