cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1540
Views
0
Helpful
2
Replies

shdsl ( ethernet ) failover to 3G HWIC using BGP - 1941w

cco4mike1
Level 1
Level 1

Hi,

I'm having problems with the following config. I cannot work out how I am supposed to perform the natting.

The BGP route is active as the default route when I type "sh ip route",  and if BGP route is lost the floating static (default) route takes it place as the Admin Distance of 200 kicks in. If the BGP route comes back online it replace the floating static, becoming the new static.. As it should.

However how do I dynamically NAT out to the internet so that when the main link drops, the traffic then swaps to go out dialer 0 (associated with cellular0/0/0 of the 3g link) ?

I cannot "ping www.google.com source 192.168.100.1" when dialer0 kicks in as default route. My natting is wrong, but what options do I have?

Any help would be much appreciated.

Michael.

version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
no ipv6 cef
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.100.1
!
ip dhcp pool LAN_POOL
   network 192.168.100.0 255.255.255.0
   dns-server 203.50.2.71 139.130.4.4
   default-router 192.168.100.1
!
!
ip domain name direct.telstra.net
ip name-server 203.50.2.71
ip name-server 139.130.4.4
multilink bundle-name authenticated
!
chat-script extranet "" ATDT*98*2#" TIMEOUT 30 CONNECT
chat-script internet "" "ATDT*98*3#" TIMEOUT 30 CONNECT
!
license udi pid CISCO1941W-N/K9 sn *******
!
!
username *********** privilege 15 secret ******
username ******** privilege 15 secret *****
!
ip ssh version 2
!
!
!
interface Loopback0
ip address 128.1.1.1 255.255.255.255
!
interface Wlan-GigabitEthernet0/0
description Internal switch interface connecting to the embedded AP
!
interface GigabitEthernet0/0
backup interface Dialer0
ip address 139.*.*.2 255.255.255.252
ip nat outside
ip virtual-reassembly
duplex full
speed 100
!
interface wlan-ap0
description Service module interface to manage the embedded AP
no ip address
arp timeout 0
no mop enabled
no mop sysid
!
interface GigabitEthernet0/1
ip address 192.168.100.1 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip route-cache cef
duplex auto
speed auto
!
interface Cellular0/0/0
no ip address
ip virtual-reassembly
encapsulation ppp
load-interval 60
dialer in-band
dialer pool-member 1
async mode interactive
no fair-queue
!
interface Vlan1
no ip address
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer string extranet
dialer persistent
ppp authentication chap callin
ppp chap hostname ******
ppp chap password ******
ppp ipcp dns request
ppp multilink
no fair-queue
no cdp enable
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor 139.*.*.2 remote-as 1221
neighbor 139.*.*.1 description *************
no auto-summary
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside source list 33 interface GigabitEthernet0/0 overload
ip nat inside source list 22 interface dialer 0 overload
!
ip route 0.0.0.0 0.0.0.0 Dialer0 200
!
access-list 22 permit 192.168.100.0 0.0.0.255
access-list 33 permit 192.168.100.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
transport output all
line aux 0
transport output all
line 0/0/0
exec-timeout 0 0
script dialer extranet
modem InOut
no exec
rxspeed 7200000
txspeed 2000000
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 2
access-class 22 in
exec-timeout 20 0
login local
transport input telnet
line vty 3 4
exec-timeout 20 0
login local
transport input ssh
!
scheduler max-task-time 5000
scheduler allocate 20000 1000
end

1 Accepted Solution

Accepted Solutions

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Mike,

you need to add more intelligence to NAT operations using route-maps

see

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml

by using match interface you can use an appropriate pool for the active interface

route-map SmartNAT1 permit 10

match interface g0/0

match ip address 33

route-map SmartNAT2 permit 20

match interface dialer0

match ip address 22

change nat rules in

ip nat inside source route-map SmartNAT1 interface ge0/0 overload

ip nat inside source route-map SmartNAT2 interface dialer0 overload

if interface option is not accepted you should configure nat pools

Hope to help

Giuseppe

View solution in original post

2 Replies 2

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Mike,

you need to add more intelligence to NAT operations using route-maps

see

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml

by using match interface you can use an appropriate pool for the active interface

route-map SmartNAT1 permit 10

match interface g0/0

match ip address 33

route-map SmartNAT2 permit 20

match interface dialer0

match ip address 22

change nat rules in

ip nat inside source route-map SmartNAT1 interface ge0/0 overload

ip nat inside source route-map SmartNAT2 interface dialer0 overload

if interface option is not accepted you should configure nat pools

Hope to help

Giuseppe

Thankyou Giuseppe,

I will try that when I go back to site on Monday(today Sat)

I was thinking of using Routemaps but was unsure how the logic would differ to what I already have

It does make sense that you should bind the each NAT statement (inside source) to its respective interface however.

I'm guessing that my config, when the link failsover to 3G, the router still uses the first NAT statement in the list? (ie...int g0/0 overload)

I'll keep you posted.

regards,

Michael

Review Cisco Networking for a $25 gift card