WAN failover not working - advice on config? **RESOLVED BY VENDOR**

mattyg187 · ‎12-13-2020

** RESOLVED BY VENDOR **

Hi team, I am administering a couple a branch networks currently in a new environment, cisco 2800 routers, they have a primary internet line and a Backup/3G fail over.... some of the sites backup/failover work fine, you unplug the pri connection and 3G takes over, others just don't fall over to the 3G, tested the 3G service and cards to rule that out and all looks ok, I believe its config related...

I think the non-working sites are missing some dialer commands, just wanted to get some advice on it and see if anyone sees anything obvious? I will paste below some config of working vs non working if someone could cast their eyes over it? I won't post the whole config but let me know if more is required and I can put the entire config up, I will just paste the main parts I think is related....

Thanks in advanced.

Georg Pauwen · ‎12-13-2020

Hello,

it is difficult to see what you are missing, since you have posted only partial configs. Post the full running configurations (sh run) of both a working and a non-working site.

Georg Pauwen · ‎12-14-2020

Either way, make sure the dialer watch configuration is present on the non-working router (lines marked in bold):

interface Dialer1
mtu 1492
ip address negotiated
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp chap hostname xxxxx@x.com.au
ppp chap password 0 xxxxx
ppp pap sent-username xxxxx@x.com.au password 0 xxxxx
no cdp enable
!
interface Dialer3
description **** Backup 3G Wireless Link Mobile No xxxxx ****
ip address negotiated
encapsulation ppp
dialer pool 3
dialer idle-timeout 1
dialer string TPGNET
dialer watch-group 2
dialer-group 2
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp pap sent-username xxxxx password 0 xxxxx
no cdp enable
!
ip local policy route-map track_ping
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 172.30.4.1 track 1
ip route 172.31.4.1 255.255.255.255 172.30.4.1 track 1
ip route 0.0.0.0 0.0.0.0 Tunnel1 5
ip route 172.31.4.1 255.255.255.255 Dialer3 5
!
ip access-list extended track_ping
permit icmp any host 172.32.254.1
!
ip sla auto discovery
ip sla responder
ip sla 10
icmp-echo 172.32.254.1 source-ip 172.30.4.2
frequency 10
ip sla schedule 10 life forever start-time now
!
--> dialer watch-list 2 ip 172.30.4.1 255.255.255.255
--> dialer watch-list 2 delay route-check initial 2
--> dialer watch-list 2 delay connect 2
--> dialer watch-list 2 delay disconnect 2
!
dialer-list 2 protocol ip list 2
!
route-map track_ping permit 10
match ip address track_ping
set interface Dialer1 Null0

mattyg187 · ‎12-14-2020

Thanks Georg, I have uploaded the configs below. Cheers for your help.

paul driver · ‎12-14-2020

Hello
From your OP, at first glance your missing the watch-list from the non working rtrs, That list should relate to the watch group to monitor specifc networks in the rtrs rib table and if they are withdrawn then the dialer back should be brought up.
dialer watch-list 2 ip 172.30.64.1 255.255.255.255

Edited - I would also say your route-check timers are quite aggressive
delay route-check initial 2- For router to begin watching rib table on boot up, a 2 second window for rib to be populated i would say is too aggressive
delay disconnect/connect 2 - time to wait for the router to try connecting or disconnecting the dialup link again to me this is to aggressive

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

mattyg187 · ‎12-14-2020

TBA