Solved

cisco 1811 HSRP for 2 ISP

Posted on 2010-08-27
3
1,291 Views
Last Modified: 2012-05-10
Hello Experts

I like to add HSRP-IPSLA Cisco 1811 router backup internet if down 1wan isp, 2wan  isp should work auto, i am using int f/0 PPOE, and i like to add one more PPOE an int F/1, if any one can advice to will be better, bellow i have config


Current configuration : 4317 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HOME-LAB
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$2WxH$.2ReAe82B8zoZcCwNYxJp0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.3.1
   lease 40
!
ip tcp synwait-time 10
!
username root privilege 15 password 7 151F0A1F102F39
!
interface FastEthernet0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description Vlan DATA
 ip address 192.168.3.1 255.255.255.0
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Async1
 no ip address
 encapsulation slip
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname 70240001695@4096.afaqe2e.com
 ppp chap password 7 1234567
 ppp pap sent-username 70240001695@4096.afaqe2e.com password 7 12344567
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip dns server
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
no scheduler allocate
end

HOME-LAB#


Regards
Taher
0
Comment
Question by:taherudin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 33547227
This site will have all the information and examples that you need:

http://www.nil.com/ipcorner/RedundantMultiHoming/

Billy
0
 
LVL 1

Author Comment

by:taherudin
ID: 33551292
any one can help in this ?
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 500 total points
ID: 33551561
You can not do HSRP as you only have one router, you will only be able to do IP SLA:
Note, you will need to know an IP on the remote end of the IP SLA to ping; I have included google.com and yahoo.com, but if either of those sites go down, you will have issues. Please use a next-hop in your ISP network that will always remain up.

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HOME-LAB
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$2WxH$.2ReAe82B8zoZcCwNYxJp0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
ip cef
ip sla monitor 1
 type echo protocol ipIcmpEcho google.com source-interface Dialer0
 timeout 1000
 threshold 40
 frequency 3
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
 type echo protocol ipIcmpEcho yahoo.com source-interface Dialer1
 timeout 1000
 threshold 40
 frequency 3
ip sla monitor schedule 2 life forever start-time now
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.3.1
   lease 40
!
track 1 rtr 1 reachability
 delay down 15 up 10
!
track 2 rtr 2 reachability
 delay down 15 up 10

ip tcp synwait-time 10
!
username root privilege 15 password 7 151F0A1F102F39
!
interface FastEthernet0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description Vlan DATA
 ip address 192.168.3.1 255.255.255.0
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Async1
 no ip address
 encapsulation slip
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname 70240001695@4096.afaqe2e.com
 ppp chap password 7 1234567
 ppp pap sent-username 70240001695@4096.afaqe2e.com password 7 12344567
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2 2
!
ip dns server
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map isp1 interface Dialer0 overload
ip nat inside source route-map isp2 interface Dialer1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
!
route-map isp1 permit 10
 match ip address 1
 match interface Dialer0
!
route-map isp2 permit 10
 match ip address 1
 match interface Dialer1

no cdp run
!
control-plane
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
no scheduler allocate
end


Billy
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question