Showing results for 
Search instead for 
Did you mean: 

Cisco 2851 - How to route/NAT based on IP with 2 WAN connections?

I have a Cisco 2851 (with a 4 port switch module) that I am trying to set up with two different internet connections, and have it route traffic out to them based on the source IP. One connection is a 50mb Comcast connection, another is our T1 that our servers are hosted on. The goal is to guide server/phone system traffic to the T1 and have the rest default to the Comcast.

I currently have the 2851 connected to our Layer 3 switch (Dell Powerconnect 6224) with a subnet created between them. Static routes have been created on the 2851 back to all of our existing subnets. Traffic flows internally without a problem between the subnets and 2851 (and vice versa). I set up the 2851 with route-map's in the NAT to control the flow of traffic, with the default route set to the Comcast connection. Default route works great, speedtest shows full speeds and everything looks great.

The problem happens when I apply my route-map policy to the internal LAN interface with the ACL list of IP's that I want to guide to the T1 (with a next-hop of the T1's IP address). I tested some tracert's and pings from one of the IP's in this list and they would stop at the T1 modem and not go any further. I did a "show ip nat translations" and noticed that the "outside" portion (right half) was blank for every IP that was in the ACL or related to the T1. So my guess is it looks like this is not doing NAT for the T1? I double-checked that I had my "ip nat inside" on the LAN interface and "ip nat ouside" on the T1 VLAN interface and Comcast interface and they were there.

Can any of you guys check this out and tell me why it isn't working? Or maybe give me an alternative method to accomplish the same end result? I have attached the running-config from the 2851 (with certain IP's changed/blanked).

Marwan ALshawi

what is the reason of having multiple secondary IPs on the VLAN interface ?

can yu confirue the IP that peer with T1 service as main IP and remove the secondary IPs

do clear ip nat translation *

and test

also enable debug ip nat detailed and see where the nat is stoping

hope this help