Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1650
Views
25
Helpful
5
Replies

dual isp failover issues with cisco 881

rizy22@yahoo.com
Level 1
Level 1

‎06-03-2016 09:22 AM - edited ‎03-05-2019 04:09 AM

I am trying to use dual isp's connections on CISCO 881 by using static route track. I have problem that I can't ping, telnet secondary router IP from WAN(public address,able to ping from router console). This is the reason that secondary connection is not doing fail over when primary fail. SLA all commands are ok and working fine. Its look like issue with nating. only primary route is active and I can ping and telnet from WAN. I want a solution that both addresses are ping able, telnet from WAN, with failover.

Configuration file:

ip dhcp pool phones
network 192.168.1.0 255.255.255.0
default-router 192.168.1.254
dns-server 135.196.0.6 xx.196.0.xx 8.8.8.8

interface FastEthernet 3

switchport access vlan 3

int fastethernet 2

switchport access vlan 2

interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto

interface Vlan1

no shutdown
description "TO LAN"
ip address 192.168.1.254 255.255.255.0
ip nat inside

interface Vlan2

no shut
description "UPLINK TO secondary isp"
ip address 217.33.177.xxx 255.255.255.0
ip nat outside

interface Vlan3

no shutdown
description "UP LINK TO primary isp"
ip address 212.2.29.yyy 255.255.255.248
ip nat outside

ip nat inside source list 100 interface Vlan3 overload

ip nat inside source list 101 interface vlan 2 overload

access-list 100 permit ip any any

access-list 101 permit ip any any 

ip route 0.0.0.0 0.0.0.0 212.2.29.yyy track 1
ip route 0.0.0.0 0.0.0.0 217.33.177.xx 10

ip sla 1
icmp-echo 212.2.29.yyy source-interface Vlan3
frequency 5
ip sla schedule 1 life forever start-time now

track 1 ip sla 1 reachability

Labels:
0 Helpful
5 Replies 5

Philip D'Ath
VIP Alumni
VIP Alumni

‎06-03-2016 05:08 PM

Yep, it is a NAT issue.  You need something more like:

ip nat inside source route-map NAT-VLAN2 interface vlan2 overload
ip nat inside source route-map NAT-VLAN3 interface vlan3 overload

access-list 100 permit ip any any

route-map NAT-VLAN2 permit 10
 match ip address 100
 match interface VLAN2

route-map NAT-VLAN3 permit 10
 match ip address 100
 match interface VLAN3

rizy22@yahoo.com
Level 1
Level 1
In response to Philip D'Ath

‎06-05-2016 04:49 AM

thanks philips for reply,

Main issue how to do routing among vlans created on switch module. I have two vlans, which dont ping each other when i connect through ethernet cable to vlan1. IP ROUTING, command I cant see running configuration while this is accepted by router. Secondary ISP public IP address don,t let me ping/telnet from Internet while I am able to ping/telnet primary isp public ip. thanks

0 Helpful

Philip D'Ath
VIP Alumni
VIP Alumni
In response to rizy22@yahoo.com

‎06-05-2016 01:48 PM

Please post an updated configuration.

rizy22@yahoo.com
Level 1
Level 1
In response to Philip D'Ath

‎06-05-2016 03:47 PM

thanks philips,

your suggestion perfectly worked. I have few other issues where phones not registering with PBX using secondary ISP. But just for information, secondary ISP address will not be ping/telnet, till primary goes down. When primary ISP link goes down then I am able to ping/telnet secondary ISP address. When primary link comes up again, if telnet through secondary, router will disconnect and need to telnet again through primary address. thanks for your help. 

0 Helpful

Philip D'Ath
VIP Alumni
VIP Alumni
In response to rizy22@yahoo.com

‎06-05-2016 03:48 PM

It would be great if you could mark and rate helpful posts.  :-)

Customers Also Viewed These Support Documents