Solved: Re: Dual ISP connection gi0/2 not able to connect to internet

dgrant524 · ‎04-23-2024

Hello,

I need your help - currently we have a 2921 Cisco router connected to dual ISPs using "gi0/0 & gi0/1" and we are able to connect to either ISP successfully. Once we connect gi0/2 to any device the connected switch is not able to access the internet, I looked & looked and can not find my error.

-----------------------------

Router#sh run
Building configuration...

Current configuration : 3207 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
! card type command needed for slot/vwic-slot 0/1
! card type command needed for slot/vwic-slot 0/2
enable secret
enable password:
!
no aaa new-model
memory-size iomem 15
!
!
!
!
!
!
no ip routing
!
!
!
!
!
!
!
!

!
!
ip dhcp pool LAN
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 1.1.1.1 8.8.8.8
!
!
!
no ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
!
cts logging verbose
!
!
license udi pid CISCO2921/K9 sn FJC1945A0KY
license accept end user agreement
license boot module c2900 technology-package datak9
!
!
!
redundancy
!
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
!
track 3 list threshold percentage
object 1
object 2
delay down 40 up 40
!
!
!
!
!
interface Embedded-Service-Engine0/0
ip address 192.168.30.1 255.255.255.0
no ip route-cache
shutdown
no mop enabled
!
interface GigabitEthernet0/0
description WAN1
ip dhcp client route track 3
ip address dhcp
ip nat outside
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
ip address dhcp
ip nat outside
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
no ip address
no ip route-cache
!
!
ip local policy route-map PRI_ISP
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source route-map NAT_ISP1 interface GigabitEthernet0/0 overload
ip nat inside source route-map NAT_ISP2 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
ip access-list extended NAT
permit ip 192.168.2.0 0.0.0.255 any
ip access-list extended RMAP_PRI_ISP
permit icmp any host 8.8.8.8
permit icmp any host 4.2.2.2
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 4.2.2.2 source-interface GigabitEthernet0/0
frequency 10
ip sla schedule 2 life forever start-time now
dialer-list 1 protocol ip permit
!
route-map PRI_ISP permit 10
match ip address RMAP_PRI_ISP
set ip next-hop dynamic dhcp
set interface GigabitEthernet0/0
!
route-map NAT_ISP2 permit 10
match ip address NAT
match interface GigabitEthernet0/1
!
route-map NAT_ISP1 permit 10
match ip address NAT
match interface GigabitEthernet0/0/0 GigabitEthernet0/0

Router#sh ip route
Default gateway is 192.168.12.1

Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty

dgrant524 · ‎04-23-2024

Problem 'no ip routing'. So the first step was to enable ip routing by simply typing 'ip routing' in global config mode. Everything is working as expected now, thanks everyone

View solution in original post

MHM Cisco World · ‎04-23-2024

Show ip route'

Share this when you connect both ISP

MHM

dgrant524 · ‎04-23-2024

Router#sh ip route
Default gateway is 192.168.12.1

Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty

##-Please type your reply above this line -##

MHM Cisco World · ‎04-23-2024

Are you sure you use

Ip routing

The show ip route is missing defualt route push by ISP

MHM

Georg Pauwen · ‎04-23-2024

Hello,

what do you want to achieve, GigabitEthernet0/0 being the primary, and GigabitEthernet0/1 being the backup interface ?

dgrant524 · ‎04-23-2024

Currently gi0/0 is the primary & gi0/1 is the secondary, and both are able to connect to the ISPs and have internet access - my main issue is gi0/2 is not able to reach the internet if that makes any sense.

balaji.bandi · ‎04-23-2024

Can you clarify some of the stuff :

i do not see any where on the interface you applied policy route-map ?

Currently gi0/0 is the primary & gi0/1 is the secondary, and both are able to connect to the ISPs and have internet access

how did you tested this ? what is the end device IP address where did you connected the end device to test it ?

 my main issue is gi0/2 is not able to reach the internet if that makes any sense.

are you connecting PC directly to this Interface, what is the IP address of PC, are you able to ping gateway 2.1

There is some config which i like to change - but again based on the requirement, you have only one static route configured, there are some config mixing, until we know your intention, what worked as i have asked question.

check some example of config here to help :

https://www.balajibandi.com/?p=1643

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dgrant524 · ‎04-23-2024

ip routing was not applied once that was applied it all worked

dgrant524 · ‎04-23-2024

Problem 'no ip routing'. So the first step was to enable ip routing by simply typing 'ip routing' in global config mode. Everything is working as expected now, thanks everyone

MHM Cisco World · ‎04-23-2024

As I mention before

Glad issue solved

Have a nice day

MHM

dgrant524 · ‎04-25-2024

Hello,

I'm reaching out regarding a configuration issue we're experiencing with our 2921 router and the 4 port Gigabit EtherSwitch EHWIC card installed. Despite our efforts, we haven't been able to successfully configure the card to allow connections for devices.

Specifically, we're aiming to set up the ports to utilize the existing DHCP addresses, although we're open to creating a new DHCP set if necessary. The primary requirement is for these ports to have internet access once configured.

Could you kindly provide guidance or step-by-step instructions on how to properly configure the Gigabit EtherSwitch EHWIC card to achieve this? Any assistance or resources you could offer would be greatly appreciated.

Thank you very much for your attention to this matter. Looking forward to your prompt response.

-Don

----------------------------------------------------------------------------------------------

Current configuration : 3272 bytes
!
! Last configuration change at 14:07:54 EDT Thu Apr 25 2024
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec

no aaa new-model
memory-size iomem 15
clock timezone EST -5 0
clock summer-time EDT recurring 1 Sun Mar 2:00 1 Sun Nov 2:00
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
ip dhcp pool LAN
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 1.1.1.1 8.8.8.8
!
!
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
!
cts logging verbose
!
!
license udi pid CISCO2921/K9 sn FJC1945A0KY
license accept end user agreement
license boot module c2900 technology-package datak9
!
!
!
redundancy
!
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
!
track 3 list threshold percentage
object 1
object 2
delay down 40 up 40
!
!
!
!
!
interface Embedded-Service-Engine0/0
ip address 192.168.30.1 255.255.255.0
shutdown
no mop enabled
!
interface GigabitEthernet0/0
description WAN1
ip dhcp client route track 3
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
switchport access vlan 10
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
no ip address
!
!
ip local policy route-map PRI_ISP
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source route-map NAT_ISP1 interface GigabitEthernet0/0 overload
ip nat inside source route-map NAT_ISP2 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
ip access-list extended NAT
permit ip 192.168.2.0 0.0.0.255 any
ip access-list extended RMAP_PRI_ISP
permit icmp any host 8.8.8.8
permit icmp any host 4.2.2.2
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 4.2.2.2 source-interface GigabitEthernet0/0
frequency 10
ip sla schedule 2 life forever start-time now
dialer-list 1 protocol ip permit
!
route-map PRI_ISP permit 10
match ip address RMAP_PRI_ISP
set ip next-hop dynamic dhcp
set interface GigabitEthernet0/0
!
route-map NAT_ISP2 permit 10
match ip address NAT
match interface GigabitEthernet0/1
!
route-map NAT_ISP1 permit 10
match ip address NAT
match interface GigabitEthernet0/0
!
!
snmp-server community public RO
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4

transport input none
!
scheduler allocate 20000 1000
ntp server 129.6.15.26
!
end

balaji.bandi · ‎04-25-2024

nterface GigabitEthernet0/0/0
switchport access vlan 10
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address

make sure port are access port (before you can connect any PC to that)

i do not see any VLAN 10 config on this device ? so that not going to work.

by default VLAN1 should able to work, but what IP address PC getting ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help