Hello all, We are trying to load balance 2 isp with our 1941 router.

We have IPBase license. I've created the route-maps and the 2 defaul routes, but the router acts weird: all the connections (http, tracerts) that the router makes with ISP1, works perfectly, but with ISP2, it just give timeout most of the time. When I disable ISP1 interface, it works perfectly with ISP2.

Interfaces:

G0/1 = LAN

G0/0.10 = ISP1

F0/0/0 = ISP2   

This is my running config:

Building configuration...

Current configuration : 11929 bytes

!

! Last configuration change at 20:19:03 PCTime Tue Jul 2 2013 by *

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname 1941

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

!

no aaa new-model

clock timezone PCTime -4 30

!

no ipv6 cef

no ip source-route

ip cef

!

!

!

ip dhcp excluded-address 172.16.16.254

ip dhcp excluded-address 172.16.16.1 172.16.16.40

!

ip dhcp pool LAN

network 172.16.16.0 255.255.254.0

default-router 172.16.16.254

dns-server 172.16.16.122

!

!

!

ip flow-cache timeout active 1

no ip bootp server

ip name-server 172.16.16.122

multilink bundle-name authenticated

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-3106419311

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3106414311

revocation-check none

rsakeypair TP-self-signed-3106434246

!

!

crypto pki certificate chain TP-self-signed-3106434246

certificate self-signed 01

  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 33313036 34313933 3131301E 170D3132 30313239 31363535

  34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31303634

  31393331 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100B4E5 55C253FE CA155DC2 71FB296A AEC8F9D7 93E4CB08 BC02A5E3 6465ED94

  B41F3A4A FF69E4DD 3F7802A7 F6D08399 D8548549 FD6B7B03 74625101 723152A7

  BB8C570D 9CF88368 BC8ABB37 1D8112D6 14C6FD2A 1A63942F 53CDC946 2050DEBF

  249F5EB7 9E98C791 68C167B7 ED00A986 6FB12909 1A11B076 E8A5943F FE3D2C1D

  C0950203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603

  551D2304 18301680 14B813B8 01763845 258DEED9 445F1267 A9B4B127 DA301D06

  03551D0E 04160414 B813B801 76384525 8DEED944 5F1267A9 B4B127DA 300D0609

  2A864886 F70D0101 05050003 89684064 ACB4E083 BFF48CFE A45F422D 96ED2B9D

  D454A689 418ACB5A D0B17AA0 34EB72D1 657AC4DF 9098EA9C 8A611797 A5FEA415

  1A1880D9 EAAC2402 7E72BDD0 4DDBC764 1A7861CE F87963E8 52D37086 1FB0F900

  56EE5DC2 6DD564A6 E79FB758 23600B17 5E2EC9E8 95D6E652 B95A339D 520D5B80

        quit

license udi pid CISCO1941/K9 sn FTX16058

!

!

username admin privilege 15 secret 5 $1$ZhAI$1sz9yGHEJ8Ip5xPXRD03Z1

!

!

!

class-map match-any P2P

match protocol bittorrent

!

!

policy-map P2P

class P2P

  drop

!

!

!

!

interface Embedded-Service-Engine0/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

shutdown

!

interface GigabitEthernet0/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

duplex full

speed 100

no mop enabled

!

interface GigabitEthernet0/0.10

description WAN VLAN

encapsulation dot1Q 1286

ip address 200.109.XXX.XXX 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

ip virtual-reassembly in

!

interface GigabitEthernet0/1

description LAN

ip address 172.16.16.254 255.255.254.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip flow egress

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

no mop enabled

service-policy input P2P

service-policy output P2P

!

interface FastEthernet0/0/0

description NETUNO

ip address 190.6.XX.XX 255.255.255.252

ip nbar protocol-discovery

ip flow ingress

ip flow egress

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

service-policy input P2P

service-policy output P2P

!

interface FastEthernet0/0/1

no ip address

shutdown

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http access-class 7

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip flow-export version 5

ip flow-export destination 172.16.16.12 1050

!

ip nat pool desarrollos 200.109.XXX.XXX 200.109.XXX.XXX prefix-length 29

ip nat inside source route-map CANTV interface GigabitEthernet0/0.10 overload

ip nat inside source route-map NETUNO interface FastEthernet0/0/0 overload

ip nat inside source static tcp 172.16.16.136 80 200.109.XXX.XXX 80 extendable

ip nat inside source static tcp 172.16.16.122 80 200.109.XXX.XXX 80 extendable

ip nat inside source static tcp 172.16.16.127 81 200.109.XXX.XXX 81 extendable

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0.10

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0/0

ip route 172.16.15.0 255.255.255.0 172.16.16.128

!

ip access-list extended cantv1

!

no cdp run

route-map NETUNO permit 10

match ip address 7

match interface FastEthernet0/0/0

!

route-map CANTV permit 10

match ip address 7

match interface GigabitEthernet0/0.10

!

!

snmp-server community XXXX WO

snmp-server ifindex persist

!

control-plane

!

!

!

line con 0

logging synchronous

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

exec-timeout 3 0

privilege level 15

logging synchronous

login local

transport input ssh

!

scheduler allocate 20000 1000

end

So, what am I missing?

Furthermore, I would like to work with NAT, but I really do not have idea where to start.

Cheers and thanks!