Solved

cisco 1811 HSRP for 2 ISP

Posted on 2010-08-27
3
1,293 Views
Last Modified: 2012-05-10
Hello Experts

I like to add HSRP-IPSLA Cisco 1811 router backup internet if down 1wan isp, 2wan  isp should work auto, i am using int f/0 PPOE, and i like to add one more PPOE an int F/1, if any one can advice to will be better, bellow i have config


Current configuration : 4317 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HOME-LAB
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$2WxH$.2ReAe82B8zoZcCwNYxJp0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.3.1
   lease 40
!
ip tcp synwait-time 10
!
username root privilege 15 password 7 151F0A1F102F39
!
interface FastEthernet0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description Vlan DATA
 ip address 192.168.3.1 255.255.255.0
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Async1
 no ip address
 encapsulation slip
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname 70240001695@4096.afaqe2e.com
 ppp chap password 7 1234567
 ppp pap sent-username 70240001695@4096.afaqe2e.com password 7 12344567
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip dns server
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
no scheduler allocate
end

HOME-LAB#


Regards
Taher
0
Comment
Question by:taherudin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 33547227
This site will have all the information and examples that you need:

http://www.nil.com/ipcorner/RedundantMultiHoming/

Billy
0
 
LVL 1

Author Comment

by:taherudin
ID: 33551292
any one can help in this ?
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 500 total points
ID: 33551561
You can not do HSRP as you only have one router, you will only be able to do IP SLA:
Note, you will need to know an IP on the remote end of the IP SLA to ping; I have included google.com and yahoo.com, but if either of those sites go down, you will have issues. Please use a next-hop in your ISP network that will always remain up.

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HOME-LAB
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$2WxH$.2ReAe82B8zoZcCwNYxJp0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
ip cef
ip sla monitor 1
 type echo protocol ipIcmpEcho google.com source-interface Dialer0
 timeout 1000
 threshold 40
 frequency 3
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
 type echo protocol ipIcmpEcho yahoo.com source-interface Dialer1
 timeout 1000
 threshold 40
 frequency 3
ip sla monitor schedule 2 life forever start-time now
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.3.1
   lease 40
!
track 1 rtr 1 reachability
 delay down 15 up 10
!
track 2 rtr 2 reachability
 delay down 15 up 10

ip tcp synwait-time 10
!
username root privilege 15 password 7 151F0A1F102F39
!
interface FastEthernet0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description Vlan DATA
 ip address 192.168.3.1 255.255.255.0
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Async1
 no ip address
 encapsulation slip
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname 70240001695@4096.afaqe2e.com
 ppp chap password 7 1234567
 ppp pap sent-username 70240001695@4096.afaqe2e.com password 7 12344567
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2 2
!
ip dns server
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map isp1 interface Dialer0 overload
ip nat inside source route-map isp2 interface Dialer1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
!
route-map isp1 permit 10
 match ip address 1
 match interface Dialer0
!
route-map isp2 permit 10
 match ip address 1
 match interface Dialer1

no cdp run
!
control-plane
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
no scheduler allocate
end


Billy
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud.  Where is your data? Who can access it? Will it be safe from accidental deletion?  All of these questions and more are imp…
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question