Link to home
Create AccountLog in
Avatar of kamsuj
kamsujFlag for Poland

asked on

Router 1812, two ISP, nat and route-maps

Hi,

I'm trying to do redundant internet connection on my 1812 and configuration shown below does not work can you please point me to a pleace where I making a mistake?

In Fa0 i have my ISP1 and on Fa1 my ISP2. My LAN is on Vlan1.

Thank you for the help.
Building configuration...
 
Current configuration : 3636 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WALL
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$M9FSDIUFLSILGUD
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-4074706560
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4074706560
 revocation-check none
 rsakeypair TP-self-signed-4074706560
!
!
crypto pki certificate chain TP-self-signed-4074706560
 certificate self-signed 01
  3082023E 308201A7 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  A20F0203 010001A3 66306430 0F060355 1D130101 FF040530 030101FF 30110603
  551D1104 0A300882 06534349 414E4130 1F060355 1D230418 30168014 72ADEBCA
  7A5C7DFD 5CB5893E 36D84D8B F141C704 301D0603 551D0E04 16041472 ADEBCA7A
  5C7DFD5C B5893E36 D84D8BF1 41C70430 0D06092A 864886F7 0D010104 05000381
  81005CF7 A69DC5D4 EAD3C20D 9087B50D 279CF498 101D2B0B F4156B89 01866C87
  899D87F9 09F06778 E9A32659 87A45279 33760DD3 065C3190 C686D985 581F3646
  0855A2AA F2A4ACD5 8861C2A2 0C5D63FF 68344613 C3856C34 9400AE9B DDF8003E
  BA0E91CC D733B2FA E312C286 DEAC662D 8C30BD13 D1ACDF46 29E4B8D5 0C57B2A3 FAA9
        quit
!
!
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
username MYUSER privilege 15 secret 5 $1$uASFASGAEGAER
!
!
archive
 log config
  hidekeys
!
!
track timer interface 5
!
track 100 rtr 1 reachability
!
!
!
interface FastEthernet0
 ip address XX.XXX.XX.X2 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 speed auto
 full-duplex
!
interface FastEthernet1
 ip address YY.YYY.YY.YY4 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description $ES_LAN$
 ip address 192.168.10.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 XX.XXX.XX.X1 track 100
ip route 0.0.0.0 0.0.0.0 YY.YYY.YY.YY3 254
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat source route-map WORKSTATIONS_85 interface FastEthernet1 overload
!
ip access-list extended ACL_WORKSTATIONS
 permit ip 192.168.10.0 0.0.0.255 any log
!
ip sla 1
 icmp-echo 11.11.11.12 source-interface FastEthernet0
 timeout 1000
 threshold 2
 frequency 3
ip sla schedule 1 life forever start-time now
!
!
!
route-map WORKSTATIONS_88 permit 1
 match ip address ACL_WORKSTATIONS
 set ip next-hop XX.XXX.XX.X1
!
route-map WORKSTATIONS_85 permit 1
 match ip address ACL_WORKSTATIONS
 set ip next-hop YY.YYY.YY.YY3
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
end

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of wingatesl
wingatesl
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer