Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
808
Views
0
Helpful
1
Replies

reach server from 2 isp with Nat+RouteMap

zuppetta
Level 1
Level 1

ā€Ž04-06-2013 01:04 AM - edited ā€Ž03-04-2019 07:30 PM

Hi everybody,

I have the following scenario :

1 Lan  / 2 ISP

1) 192.168.0.0/27 will be nat in load-balance (per destination) by 2 interfaces (F0/0,F1/0)

2) Web Server in my LAN (192.168.0.4) will be reach indifferently from 2 ISP (F0/0,F1/0)

For point one .. no problem ..

instead for point two i reach the web server only from one ISP. (for example isp connected to F1/0)

When i try to contact web server from another isp (for example isp connected to F0/0) ..doesn't work ...

If i perform "sh ip nat trans" i see my request from outside ... It seems to me that the router try to answer ever from one default route (default route with the exit int F1/0)

here the config :

interface FastEthernet0/0
description WAN1
ip address 10.0.0.2 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto

interface FastEthernet1/0
description WAN3
ip address 10.0.2.2 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto

interface FastEthernet1/1
description Lan Uffici e Server
ip address 192.168.0.1 255.255.255.192
ip nat inside
ip virtual-reassembly
duplex auto
speed auto

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 10.0.0.1
ip route 0.0.0.0 0.0.0.0 FastEthernet1/0 10.0.2.1

ip nat inside source route-map WAN1 interface FastEthernet0/0 overload
ip nat inside source route-map WAN3 interface FastEthernet1/0 overload

ip nat inside source static tcp 192.168.0.4 80 10.0.0.2 80 route-map Test1
ip nat inside source static tcp 192.168.0.4 80 10.0.2.2 80 route-map Test2

route-map WAN1 permit 10
match ip address 100
match interface FastEthernet0/0
set ip next-hop 10.0.0.1

route-map WAN3 permit 10
match ip address 100
match interface FastEthernet1/0
set ip next-hop 10.0.2.1

route-map Test1 permit 10
match ip address 199
match interface FastEthernet0/0
set ip next-hop 10.0.0.1

route-map Test2 permit 10
match ip address 199
match interface FastEthernet1/0
set ip next-hop 10.0.2.1

access-list 199 permit tcp host 192.168.0.4 eq 80 any
access-list 100 permit ip 192.168.0.0 0.0.0.63 any

Thanks everybody in advance

Labels:
0 Helpful
1 Reply 1

Abzal
Level 7
Level 7

ā€Ž04-09-2013 07:49 AM

Hi,

Try this config because you are using one IP address for NAT and for servers:

no ip nat inside source static tcp 192.168.0.4 80 10.0.0.2 80 route-map Test1

no ip nat inside source static tcp 192.168.0.4 80 10.0.2.2 80 route-map Test2

ip nat inside source static tcp 192.168.0.4 80 interface f0/0 80 extendable

ip nat inside source static tcp 192.168.0.4 80 interface f1/0 80 extendable

Hope it will help.

Best regards,
Abzal

Best regards,
Abzal
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card