HOW TO CONFIGURE AUTO FAILOVER DUAL ILL CONNECTION IN ONE CISCO ISR4331 K9 ROUTER

jagannath.cmcltd · ‎02-01-2021

Please help for how to configure Auto Failover Dual ILL connection in ONE Cisco ISR4331/K9 Router, Cisco IOS XE Software, Version 16.06.04.

Router LAN IP 192.168.14.1 (Static)

1> ISP BSNL ILL ip details:

WAN IP 172.24.159.241

NIB WAN IP (Default Gateway) 172.24.159.242

Subnet Mask-255.255.255.252

LAN IP-117.197.102.216 to 223

Subnet Mask- 255.255.255.248

2>ISP JIO ILL ip details:

WAN ip pool:136.232.82.196 (customer End WAN IP: 136.232.82.255.255.255.252 with Default Gateway-136.232.82.197)

LAN ip pool: 136.233.106.216( usable ip range136.233.106.217 to 222 with Subnet mask:255.255.255.248) DNS:49.45.0.4

balaji.bandi · ‎02-01-2021

here is example :

https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/200785-ISP-Failover-with-default-routes-using-I.html

If NAT Involved you need to run some EEM Script to clear NAT

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

paul driver · ‎02-01-2021

Hello

@balaji.bandi wrote:

here is example :

If NAT Involved you need to run some EEM Script to clear NAT

You shouldnt need to do this, you could decrease the cache default timeouts for NAT44 especially for the translation and tcp timeout which both default to 24 hrs

Example:
ip nat translation timeout 300 (default =86400 secs 24hrs)
ip nat translation tcp timeout 300 (default =86400 secs 24hrs)

ip nat translation udp timeout 60 (default)
ip nat translation dns-timeout 60 (default)
ip nat translation finrst-timeout 60 (default)
ip nat translation icmp-timeout 60 (default)
ip nat translation port-timeout-tcp 60 (default)
ip nat translation port-timeout-udp 60 (default)
ip nat translation syn-timeout 60 (default)

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

balaji.bandi · ‎02-01-2021

You shouldnt need to do this, you could decrease the cache default timeouts for NAT44 especially for the translation and tcp timeout which both default to 24 hrs

Agreed - high level suggested to clear NAT, yes tweaking timers also considered - part of failover (thank you point it out)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎02-01-2021

Hello,

post the full running configuration of your 4331, so we can fill in the bits and pieces.

Actually, here is what your config should look like. Check the WAN IP addressing to make sure it is correct. It looks to me like you don't need a pool for the backup WAN line, as there is only one IP address anyway ?

track 1 ip sla 1 reachability
!
interface GigabitEthernet0/0/0
description Primary BSNL ILL
ip address 172.24.159.241 255.255.255.252
ip nat outside
negotiation auto
!
interface GigabitEthernet0/0/1
description BACKUP JIO ILL
ip address 136.232.81.196 255.255.255.252
ip nat outside
negotiation auto
!
interface GigabitEthernet0/0/2
description LAN
ip address 192.168.1.1 255.255.255.0
ip nat inside
negotiation auto
!
ip sla 1
icmp-echo 8.8.8.8 source-ip 172.24.159.241
frequency 3
!
ip sla schedule 1 life forever start-time now
!
ip route 0.0.0.0 0.0.0.0 172.24.159.242 track 1
ip route 0.0.0.0 0.0.0.0 136.232.81.197 10
!
ip access-list extended 101
permit ip 192.168.1.0 0.0.0.255 any
!
route-map ISP_1_NAT permit 10
match ip address 101
match interface GigabitEthernet0/0/0
!
route-map ISP_2_NAT permit 10
match ip address 101
match interface GigabitEthernet0/0/1
!
ip nat inside source route-map ISP_1_NAT interface GigabitEthernet0/0/0 overload
ip nat inside source route-map ISP_2_NAT interface GigabitEthernet0/0/1 overload
!
event manager applet ISP_DOWN
event track 1 state down
action 1.0 cli command "enable"
action 2.0 cli command "clear ip nat translation *"
!
event manager applet ISP_UP
event track 1 state up
action 1.0 cli command "enable"
action 2.0 cli command "clear ip nat translation *"