cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1984
Views
0
Helpful
22
Replies

IP NAT TRANSALATION FAILING

tefomatlho
Level 1
Level 1

HI

 

i really need assistance, i have configured IP Sla on a 1921, and done nat on all the interfaces, but i get this output from the intefaces;

HAN-C1921-COM#sh ip int br
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 unassigned YES NVRAM down down
GigabitEthernet0/0.1953 172.16.100.1 YES NVRAM down down
GigabitEthernet0/0.1954 168.167.50.110 YES NVRAM down down
GigabitEthernet0/1 10.10.4.1 YES NVRAM up up
GigabitEthernet0/1/0 unassigned YES NVRAM up up
Dialer1 169.255.81.23 YES IPCP up up
NVI0 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Virtual-Access2 unassigned YES unset up up

 

please do assist.

 

Thanking you in advance.

22 Replies 22

 

Thank you the fail-over is working fine. what we want to achieve is to have all the links running parallel (bundled), we don't want any link to be idle. on the nat translation I should see both links, 

 

Hello,

 

change:

 

icmp-echo 168.167.50.109 source-interface GigabitEthernet0/0

 

to

 

icmp-echo 168.167.50.109 source-interface GigabitEthernet0/0.1954

 

or 

 

icmp-echo 168.167.50.109 source-ip 168.167.50.110

Hello,

 

for tha to happen you need to remove all tracking, the IP SLA, and the distance on the static route of the dialer interface. Before you do that, keep in mind that CEF does equal cost load balancing. What is the bandwidth for both links ?

20Mbps for Main Link

10 Mbps for redundant link

Hello,

 

the below should give you a 2:1 load balancing. All EEM and IP SLA has been removed. Norice that you have two default routes for the primary WAN link:

 

HAN-C1921-COM#sh run
Building configuration...

Current configuration : 3012 bytes
!
! Last configuration change at 07:51:18 UTC Tue Jun 26 2018 by support
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HAN-C1921-COM
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ip domain lookup
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
license udi pid CISCO1921/K9 sn FGL214493UP
!
username support privilege 15 password 0 D!sc0v3ry
!
redundancy
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.1953
encapsulation dot1Q 1953
ip address 172.16.100.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.1954
encapsulation dot1Q 1954
ip address 168.167.50.110 255.255.255.252
ip nat outside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
ip address 10.10.4.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1/0
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
ppp chap hostname tefomatlho2018@gmail.com
ppp chap password 0 77529888
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source route-map BTC-LINK interface GigabitEthernet0/0.1954 overload
ip nat inside source route-map REDUNDANCY interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 168.167.50.109
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0.1954
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.10.3.0 255.255.255.0 172.16.100.2
!
ip sla 1
icmp-echo 168.167.50.109 source-interface GigabitEthernet0/0
frequency 10
ip sla schedule 1 life forever start-time now
!
route-map REDUNDANCY permit 1
match ip address 110
match interface Dialer1
!
route-map BTC-LINK permit 1
match ip address 110
match interface GigabitEthernet0/0.1954
!
access-list 110 permit ip 10.10.3.0 0.0.0.255 any
access-list 110 permit ip 10.10.4.0 0.0.0.255 any
access-list 110 permit ip 10.10.5.0 0.0.0.255 any
access-list 110 permit ip 10.10.6.0 0.0.0.255 any
access-list 110 permit ip 172.16.100.0 0.0.0.255 any
!
control-plane
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password D!sc0v3ry
login local
transport input telnet ssh
line vty 5 15
password D!sc0v3ry
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

HAN-C1921-COM#

HI

 

kindly note that the configs are working fine with failover but does not do bonding, for the two. we only get 10mbps of the main link instead of 10 + 5 (Primary and Secondary)

Review Cisco Networking for a $25 gift card