Hello,

there are a lot of things wrong with your configuration. Post a schematic drawing of your network including all connections and IP addressing...

HI

i have sent the diagram

Good ! I'll have a look...

Hello,

here is what I have come up with (important parts marked in bold):

HAN-C1921-COM#sh run
Building configuration...
Current configuration : 3239 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HAN-C1921-COM
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
ip dhcp-excluded address 10.10.4.1
!
ip dhcp pool TEST
network 10.10.4.0 255.255.255.0
default-router 10.10.4.1
dns-server 8.8.8.8
!
no ip domain lookup
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
cts logging verbose
!
license udi pid CISCO1921/K9 sn FGL214493UP
!
redundancy
!
track 1 ip sla 1
delay down 5 up 5
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.1953
encapsulation dot1Q 1953
ip address 172.16.100.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.1954
description Main Link
encapsulation dot1Q 1954
ip address 168.167.50.110 255.255.255.252
ip nat outside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
ip address 10.10.4.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1/0
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Dialer1
description Secondary Link
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
ppp chap hostname tefomatlho2018@gmail.com
ppp chap password 0 77529888
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source route-map BTC-LINK interface GigabitEthernet0/0.1954 overload
ip nat inside source route-map REDUNDANCY interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 168.167.50.109 5 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 200
!
ip sla 1
icmp-echo 168.167.50.109 source-interface GigabitEthernet0/0
frequency 10
ip sla schedule 1 life forever start-time now
dialer-list 1 protocol ip permit
!
route-map REDUNDANCY permit 1
match ip address 110
match interface Dialer1
!
route-map BTC-LINK permit 1
match ip address 110
match interface GigabitEthernet0/0.1954
!
access-list 110 permit ip any any
access-list 110 permit ip 10.10.3.0 0.0.0.255 any
access-list 110 permit ip 10.10.4.0 0.0.0.255 any
access-list 110 permit ip 10.10.5.0 0.0.0.255 any
access-list 110 permit ip 10.10.6.0 0.0.0.255 any
access-list 110 permit ip 172.16.100.0 0.0.0.255 any
!
control-plane
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password D!sc0v3ry
login local
transport input telnet ssh
line vty 5 15
password D!sc0v3ry
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
event manager applet FAIL-OVER
event track 1 state any
action 0.0 cli command "enable"
action 1.0 cli command "clear ip nat trans *"
action 3.0 cli command "Fail over just occured"
!
end
HAN-C1921-COM#

Thank you very much it worked,

Good to know, glad you got it up and running...

HI

I have put the configuration into a production network, now we cannot get internet with the main link, I can ping and traceroute to my next hop but I cannot go to the next hop.

Hello,

remove 

access-list 110 permit ip any any

from your access list 110.

If that doesn't help, post the full running configuration, I want to check if everything is put in correctly...

Also post the output of 'show ip nat translations'

Find attached translation with secondary link down and up. the secondary is working fine.