kamsuj
asked on
Router 1812, two ISP, nat and route-maps
Hi,
I'm trying to do redundant internet connection on my 1812 and configuration shown below does not work can you please point me to a pleace where I making a mistake?
In Fa0 i have my ISP1 and on Fa1 my ISP2. My LAN is on Vlan1.
Thank you for the help.
I'm trying to do redundant internet connection on my 1812 and configuration shown below does not work can you please point me to a pleace where I making a mistake?
In Fa0 i have my ISP1 and on Fa1 my ISP2. My LAN is on Vlan1.
Thank you for the help.
Building configuration...
Current configuration : 3636 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WALL
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$M9FSDIUFLSILGUD
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-4074706560
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4074706560
revocation-check none
rsakeypair TP-self-signed-4074706560
!
!
crypto pki certificate chain TP-self-signed-4074706560
certificate self-signed 01
3082023E 308201A7 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
A20F0203 010001A3 66306430 0F060355 1D130101 FF040530 030101FF 30110603
551D1104 0A300882 06534349 414E4130 1F060355 1D230418 30168014 72ADEBCA
7A5C7DFD 5CB5893E 36D84D8B F141C704 301D0603 551D0E04 16041472 ADEBCA7A
5C7DFD5C B5893E36 D84D8BF1 41C70430 0D06092A 864886F7 0D010104 05000381
81005CF7 A69DC5D4 EAD3C20D 9087B50D 279CF498 101D2B0B F4156B89 01866C87
899D87F9 09F06778 E9A32659 87A45279 33760DD3 065C3190 C686D985 581F3646
0855A2AA F2A4ACD5 8861C2A2 0C5D63FF 68344613 C3856C34 9400AE9B DDF8003E
BA0E91CC D733B2FA E312C286 DEAC662D 8C30BD13 D1ACDF46 29E4B8D5 0C57B2A3 FAA9
quit
!
!
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
username MYUSER privilege 15 secret 5 $1$uASFASGAEGAER
!
!
archive
log config
hidekeys
!
!
track timer interface 5
!
track 100 rtr 1 reachability
!
!
!
interface FastEthernet0
ip address XX.XXX.XX.X2 255.255.255.240
ip nat outside
ip virtual-reassembly
speed auto
full-duplex
!
interface FastEthernet1
ip address YY.YYY.YY.YY4 255.255.255.240
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
description $ES_LAN$
ip address 192.168.10.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 XX.XXX.XX.X1 track 100
ip route 0.0.0.0 0.0.0.0 YY.YYY.YY.YY3 254
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat source route-map WORKSTATIONS_85 interface FastEthernet1 overload
!
ip access-list extended ACL_WORKSTATIONS
permit ip 192.168.10.0 0.0.0.255 any log
!
ip sla 1
icmp-echo 11.11.11.12 source-interface FastEthernet0
timeout 1000
threshold 2
frequency 3
ip sla schedule 1 life forever start-time now
!
!
!
route-map WORKSTATIONS_88 permit 1
match ip address ACL_WORKSTATIONS
set ip next-hop XX.XXX.XX.X1
!
route-map WORKSTATIONS_85 permit 1
match ip address ACL_WORKSTATIONS
set ip next-hop YY.YYY.YY.YY3
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
end
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.