Hi, everybody,
I have a web server: 192.168.7.1/24 connected to a router and the router connected to two ISP like this:
ISP1(1.1.1.1)------\
"WebServer"---->Core--->Router[ ==> 3.3.3.3
ISP2(2.2.2.1)------/
I want 3.3.3.3 ping My WebServer by 1.1.1.20 and 2.2.2.20, I mean if ISP1 is unreachable then WebServer be in access from ISP2, assume nat and routing on 3.3.3.3 is ok, I wrote a NAT:
---IP nat inside source static 192.168.7.1 1.1.1.20---
what should I do to have redundancy between NATs? This nat "IP nat inside source static 192.168.7.1 2.2.2.20" is not allowed (% 192.168.7.1 already mapped (192.168.7.1 -> 1.1.1.20). I have IP SLA to check IPS1 and ISP2.
Solved! Go to Solution.
Hello,
try and use the 'extendable' keyword:
R1(config)#ip nat inside source static 192.168.7.1 1.1.1.20 extendable
R1(config)#ip nat inside source static 192.168.7.1 2.2.2..20 extendable
Hello,
you could add the two EEM scripts below, in order to remove the redundant static NAT entry altogether if it is not in use. The script also clears the existing NAT translation so you don't have to wait for the it to time out...
Edit: Thinking about it again, I changed the order of the actions and put the 'clear ip nat translation *" at the end.
event manager applet CLEAR_NAT_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
event manager applet CLEAR_NAT_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
Hello,
try and use the 'extendable' keyword:
R1(config)#ip nat inside source static 192.168.7.1 1.1.1.20 extendable
R1(config)#ip nat inside source static 192.168.7.1 2.2.2..20 extendable
Hello
@hadi riyahiyan wrote:
tnx it works, webServer is accessed from both ISP1 and IPS2 but if IPS1 is not accessible, the Webserver cannot ping 3.3.3.3 !!!
Sounds like you need some monitoring on your routing, Below is a example of using default routing towards your isp's?
ip sla 1
icmp-echo <iSP1> source-ip <isp facing interlace ip>
ip sla schedule 1 life forever start-time now
track 10 ip sla 1
ip route 0.0.0.0 0.0.0.0 <isp1> name Primary_ISP track 10
ip route 0.0.0.0 0.0.0.0 <isp2> name Secondary_ISP 200
Hello,
you could add the two EEM scripts below, in order to remove the redundant static NAT entry altogether if it is not in use. The script also clears the existing NAT translation so you don't have to wait for the it to time out...
Edit: Thinking about it again, I changed the order of the actions and put the 'clear ip nat translation *" at the end.
event manager applet CLEAR_NAT_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
event manager applet CLEAR_NAT_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip nat inside source static 192.168.7.1 2.2.2.20 extendable"
action 4.0 cli command "ip nat inside source static 192.168.7.1 1.1.1.20 extendable"
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”