Solved

cisco 1811 HSRP for 2 ISP

Posted on 2010-08-27
3
1,270 Views
Last Modified: 2012-05-10
Hello Experts

I like to add HSRP-IPSLA Cisco 1811 router backup internet if down 1wan isp, 2wan  isp should work auto, i am using int f/0 PPOE, and i like to add one more PPOE an int F/1, if any one can advice to will be better, bellow i have config


Current configuration : 4317 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HOME-LAB
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$2WxH$.2ReAe82B8zoZcCwNYxJp0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.3.1
   lease 40
!
ip tcp synwait-time 10
!
username root privilege 15 password 7 151F0A1F102F39
!
interface FastEthernet0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description Vlan DATA
 ip address 192.168.3.1 255.255.255.0
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Async1
 no ip address
 encapsulation slip
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname 70240001695@4096.afaqe2e.com
 ppp chap password 7 1234567
 ppp pap sent-username 70240001695@4096.afaqe2e.com password 7 12344567
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip dns server
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
no scheduler allocate
end

HOME-LAB#


Regards
Taher
0
Comment
Question by:taherudin
  • 2
3 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 33547227
This site will have all the information and examples that you need:

http://www.nil.com/ipcorner/RedundantMultiHoming/

Billy
0
 
LVL 1

Author Comment

by:taherudin
ID: 33551292
any one can help in this ?
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 500 total points
ID: 33551561
You can not do HSRP as you only have one router, you will only be able to do IP SLA:
Note, you will need to know an IP on the remote end of the IP SLA to ping; I have included google.com and yahoo.com, but if either of those sites go down, you will have issues. Please use a next-hop in your ISP network that will always remain up.

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HOME-LAB
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$2WxH$.2ReAe82B8zoZcCwNYxJp0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
ip cef
ip sla monitor 1
 type echo protocol ipIcmpEcho google.com source-interface Dialer0
 timeout 1000
 threshold 40
 frequency 3
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
 type echo protocol ipIcmpEcho yahoo.com source-interface Dialer1
 timeout 1000
 threshold 40
 frequency 3
ip sla monitor schedule 2 life forever start-time now
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.3.1
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.3.1
   lease 40
!
track 1 rtr 1 reachability
 delay down 15 up 10
!
track 2 rtr 2 reachability
 delay down 15 up 10

ip tcp synwait-time 10
!
username root privilege 15 password 7 151F0A1F102F39
!
interface FastEthernet0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description Vlan DATA
 ip address 192.168.3.1 255.255.255.0
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1412
!
interface Async1
 no ip address
 encapsulation slip
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname 70240001695@4096.afaqe2e.com
 ppp chap password 7 1234567
 ppp pap sent-username 70240001695@4096.afaqe2e.com password 7 12344567
 ppp ipcp dns request
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2 2
!
ip dns server
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map isp1 interface Dialer0 overload
ip nat inside source route-map isp2 interface Dialer1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
!
route-map isp1 permit 10
 match ip address 1
 match interface Dialer0
!
route-map isp2 permit 10
 match ip address 1
 match interface Dialer1

no cdp run
!
control-plane
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
no scheduler allocate
end


Billy
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now