I am using a Cisco 1921 with a Verizon 4G LTE card installed. The primary connection is a Cable Modem with the 4G LTE acting as the backup. I've setup a track on the static route to the primary ISP. I'm having multiple issues. Initially I used the Gig 0/0 int instead of a Loopback address for the IP SLA source. The IP SLA traffic would be sent to the cellular interface and cause an IP source violation and the interface would flap. Then I used the Loopback and I could not get the route to fail back when the connection came back up. Even with the Loopback as the source for IP SLA I'm still getting flapping and I think that is a NAT configuration issue. I've applied an access-group on the cellular interface to try to fix the ip source violation issues, but it doesn't appear to work. The IP-SLA-POLICY route map is an attempt to force the IP SLA traffic to the primary interface. Any help or suggestions would be greatly appreciated. Here is the relevant config:
chat-script lte "" "AT!CALL1" TIMEOUT 20 "OK"
controller Cellular 0/1
!
!
track 150 ip sla 100 reachability
!
track 250 ip sla 200 reachability
!
track 400 list boolean or
object 150
object 250
delay down 30 up 30
!
interface Loopback0
ip address 10.0.40.1 255.255.255.255
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 67.x.x.x 255.255.255.248 ***/29 From Internet Provider
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
ip virtual-reassembly in
duplex auto
speed auto
!
!
interface GigabitEthernet0/1.20
description Voice VLAN
encapsulation dot1Q 20
ip address 10.0.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1.30
description Data VLAN
encapsulation dot1Q 30 native
ip address 10.0.30.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
!
interface Cellular0/1/0
ip address negotiated
ip access-group 120 out
ip nat outside
ip virtual-reassembly in
encapsulation slip
dialer in-band
dialer string lte
dialer-group 1
async mode interactive
!
ip local policy route-map IP-SLA-POLICY
!
ip dns server
no ip nat service sip udp port 5060
ip nat inside source route-map TW interface GigabitEthernet0/0 overload
ip nat inside source route-map VW interface Cellular0/1/0 overload
ip route 0.0.0.0 0.0.0.0 67.y.y.y track 400 ***67.y.y.y. is the Static IP of the Cable Modem
ip route 0.0.0.0 0.0.0.0 Cellular0/1/0 50
ip route 4.2.2.3 255.255.255.255 Cellular0/1/0 ***used for testing cellular interface by pinging 4.2.2.3
!
ip sla 100
icmp-echo 4.2.2.4 source-interface Loopback0
threshold 350
timeout 400
frequency 5
ip sla schedule 100 life forever start-time now
ip sla 200
icmp-echo 8.8.4.4 source-interface Loopback0
threshold 350
timeout 400
frequency 5
ip sla schedule 200 life forever start-time now
access-list 100 permit ip 10.0.20.0 0.0.0.255 any
access-list 100 permit ip 10.0.30.0 0.0.0.255 any
access-list 100 permit ip host 10.0.40.1 any
access-list 110 permit ip 10.0.20.0 0.0.0.255 any
access-list 110 permit ip 10.0.30.0 0.0.0.255 any
access-list 120 deny ip 10.0.0.0 0.0.255.255 any
access-list 120 deny ip 192.168.0.0 0.0.255.255 any
access-list 120 deny ip 172.0.0.0 0.0.0.255 any
access-list 120 deny ip host 67.x.x.x any
access-list 120 permit ip any any
access-list 150 permit icmp host 10.0.40.1 host 8.8.4.4 echo
access-list 150 permit icmp host 10.0.40.1 host 4.2.2.4 echo
dialer-list 1 protocol ip permit
!
!
route-map VW permit 10
match ip address 110
match interface Cellular0/1/0
!
route-map TW permit 10
match ip address 100
match interface GigabitEthernet0/0
!
route-map IP-SLA-POLICY permit 10
match ip address 150
set interface GigabitEthernet0/0
!
!
!
line 0/1/0
script dialer lte
modem InOut
no exec
rxspeed 100000000
txspeed 50000000
