Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2460
Views
0
Helpful
17
Replies

Need A Help

Go to solution
pawanharlecisco
Level 1
Level 1

‎08-05-2011 01:45 AM - edited ‎03-04-2019 01:11 PM

Hello Friends,

                    As per  topology attached herewith,  i have 2 ISPs,    ISP1 and ISP2. And i have one Cisco 1841 Router with only 2 Ethernet interfaces.My Lan subnet is 192.168.1.0.

                    My puspose is, i want to configure both ISP1 and ISP2 and my Lan Network on router, without adding any extra interaface. I  also want to configure a nat so that Lan user can go to internet. I wabt to do this using 2 Interfaces.

            Please give me your views and suggestion ,so that i can implement this.

Topology is attached herewith.

Regards

Pawan

Labels:
Preview file
23 KB
0 Helpful
17 Replies 17

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to pawanharlecisco

‎08-08-2011 03:45 AM

Pawan,

Well, yes, there is... but I am afraid it would incur higher loads on your router and possibly decrease the throughput. But I believe you now need any solution that works.

Okay. Let me show you another possible configuration. Remove all configuration that you have added as a result with your discussion with me, and apply the following:

interface Loopback192
 ip address 192.0.2.1 255.255.255.252
 ip nat inside
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip address X.X.X.X M.M.M.M secondary ! This is the IP for ISP1
 no ip redirects
 ip nat outside
 ip policy route-map PBR
interface FastEthernet 1/0
 ip address Y.Y.Y.Y M.M.M.M ! This is the IP for ISP2
 no ip redirects
 ip nat outside
access-list 100 deny 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 permit 192.168.1.0 0.0.0.255 any
ip nat pool ISP1 X.X.X.X X.X.X.X netmask 255.255.255.252
ip nat pool ISP2 Y.Y.Y.Y Y.Y.Y.Y netmask 255.255.255.252
route-map ISP1 permit 10
 match ip address 100
 match interface FastEthernet0/0
route-map ISP2 permit 10
 match ip address 100
 match interface FastEthernet1/0
route-map PBR permit 10
 match ip address 100   
 set interface Loopback192
ip nat inside source route-map ISP1 pool ISP1 overload
ip nat inside source route-map ISP2 pool ISP2 overload
ip route 0.0.0.0 0.0.0.0 ISP1_NEXT_HOP
ip route 0.0.0.0 0.0.0.0 ISP2_NEXT_HOP

After this works, you may optionally enhance it with your SLA configuration, but this should allow you to use both ISPs and NAT to the correct corresponding space.

Let me know if it worked. And please press your senior for the VLAN-capable switch. All these suggestions are very improper hacks.

Best regards,

Peter

0 Helpful

Go to solution
pawanharlecisco
Level 1
Level 1
In response to Peter Paluch

‎08-08-2011 04:03 AM

Dear Peter,

                 Thankyou so much....Let me try it and will revert to u.

Regards

Pawan

0 Helpful

Go to solution
pawanharlecisco
Level 1
Level 1
In response to pawanharlecisco

‎08-08-2011 09:59 PM

Hi Peter,

                Thankyou very much Brother for helping me and guiding me, the way u guide was too good. All the things are working properly.Please take a look for the config mentioned  below.

Policy#sh run

Building configuration...

Current configuration : 1903 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Policy

!

boot-start-marker

boot-end-marker

!

no logging console

!

no aaa new-model

memory-size iomem 5

!

!

ip cef

!

!

no ip domain lookup

ip sla monitor 1

type echo protocol ipIcmpEcho 10.10.10.1 source-interface FastEthernet0/0

timeout 1000

threshold 2

frequency 3

ip sla monitor schedule 1 life forever start-time now

!

!

!

track 1 rtr 1 reachability

!

!

interface Loopback192

ip address 192.0.2.1 255.255.255.252

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/0

description Connt ISP1

ip address 10.10.10.2 255.255.255.0 secondary

ip address 192.168.4.1 255.255.255.0

no ip redirects

ip nat outside

ip virtual-reassembly

ip policy route-map PBR

duplex auto

speed auto

!

interface FastEthernet1/0

description Connt ISP2

ip address 192.168.3.1 255.255.255.0

no ip redirects

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet2/0

no ip address

shutdown

duplex auto

speed auto

!

no ip http server

ip route 0.0.0.0 0.0.0.0 10.10.10.1 track 1

ip route 0.0.0.0 0.0.0.0 192.168.3.2 10

!

!

ip nat pool ISP1 10.10.10.2 10.10.10.2 netmask 255.255.255.252

ip nat pool ISP2 192.168.3.1 192.168.3.1 netmask 255.255.255.252

ip nat inside source route-map ISP1 pool ISP1 overload

ip nat inside source route-map ISP2 pool ISP2 overload

!

access-list 100 deny   ip 192.168.4.0 0.0.0.255 192.168.4.0 0.0.0.255

access-list 100 permit ip 192.168.4.0 0.0.0.255 any

route-map PBR permit 10

match ip address 100

set interface Loopback192

!

route-map ISP2 permit 10

match ip address 100

match interface FastEthernet1/0

!

route-map ISP1 permit 10

match ip address 100

match interface FastEthernet0/0

!

!

!

control-plane

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

end

Policy#

Thanks Once Again...

Pawan

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card