Solved

Looking for Complete config for Cisco 1812 Dual Wan with IPSLA

Posted on 2010-11-28
7
1,678 Views
1 Endorsement
Last Modified: 2012-05-10
Hi All

I have purchased a new Cisco 1812 dual wan router and 2 internet connections as follows.

ISP1 (FE0) (WAN)      
Static IP: 58.27.132.106
Subnet: 255.255.255.252
Gateway: 58.27.132.105
DNS 10.16.6.11, 10.16.7.12

ISP2 (FE1) (WAN)
DHCP:*.*.
Subnet: 255.255.255.0
Gateway: 192.168.15.1
DNS 192.168.15.1,

LAN (FE2) (LAN)
IP:      10.10.10.1
Subnet:      255.255.255.0
 
I have 2 wan ports
FastEthernet0
FastEthernet1
8 Switch Ports FastEthernet2 / 9
1 Vlan = Vlan1

What would be the complete configuration to enable FastEthernet2 to get an internet connection through the router from ISP1 FastEthernet0 and if it fails to get ISP2 via FastEthernet1 on the basis of internet connectivity not on the basis of network connectivity i.e. to ping www.google.com or any website or websites. I think this will required IP SLA Configuration.
I need failover configuration
LAN side should be enable with DHCP Pool (10.10.10.50---100) (50 clients)
The Router at moment is at factory default configuration with IOS 12.4.
I need complete Configuration from Step 1 to Last Step
Any help would be greatly appreciated.

Many Thanks
Syed Talal Hassan Rizvi
1
Comment
Question by:syedtalal
  • 6
7 Comments
 

Assisted Solution

by:syedtalal
syedtalal earned 0 total points
Comment Utility
Hi All,

i have been able to do the following configuration at my Router and able to run internet via FE1 and my internet is not working via FE0, could you please find below my current configuration and help me out the problem and to achieve earlier mentioned Goal

Building configuration...
 
Current configuration : 3857 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco1218
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging buffered
enable secret 5 $1$19k6$Iuk1v7y.qsdD8j1pAEfFj0
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-1075775822
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1075775822
 revocation-check none
 rsakeypair TP-self-signed-1075775822
!
!
crypto pki certificate chain TP-self-signed-1075775822
 certificate self-signed 01
  30820241 308201AA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31303735 37373538 3232301E 170D3130 31313330 31313238
  33325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30373537
  37353832 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100CF3B 16275359 C5E90B72 20A9A5D0 35ED2FD5 469E5F1D 10456E44 8255E64B
  65FD690D 595C603A 3402D6C0 646C0A52 0D3E5D5E 549D3905 69C4A5AA 9064ABD1
  9F6D0659 7792766B 0E9E68FB 30B84084 CFB91DD0 5C6811A0 E9438330 5E5809D4
  27DAE3C9 246B41F7 034D396E C5600882 CEF894C0 F37DBD86 9C71E8E6 3E523F00
  8A370203 010001A3 69306730 0F060355 1D130101 FF040530 030101FF 30140603
  551D1104 0D300B82 09636973 636F3132 3138301F 0603551D 23041830 16801412
  4CD6AEBB CD083639 225D11A8 47A91788 4C5E5130 1D060355 1D0E0416 0414124C
  D6AEBBCD 08363922 5D11A847 A917884C 5E51300D 06092A86 4886F70D 01010405
  00038181 00086E5B BCC75D3B 790CA0BF 8319E126 CF017E06 0187C9AB EA227A8B
  9CB1F8FB E4A5D696 5EDAF342 BFAC9D2E 030630BE DBA12115 1CF9B541 EB75C556
  A01B974D 092BD2DF EF368348 D3ABCB59 44E26DE0 33712461 CBAAEB86 531868D3
  905F1A58 E1FD8EFD 6E8A80C1 C96897DB CA117F09 7178A096 92BEAAFA FE62C7A9
  A1E95F72 0C
   quit
dot11 syslog
ip source-route
!
!
ip dhcp excluded-address 10.10.10.1 10.10.10.9
ip dhcp excluded-address 10.10.10.51 10.10.10.254
!
ip dhcp pool ccp-pool1
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 192.168.15.1 10.16.6.11 10.16.7.12
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
username admin privilege 15 password 0 4262646
!
!
!
archive
 log config
  hidekeys
!
!
!
track 100 ip sla 100 reachability
 delay down 10 up 20
!
!
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet0
 ip address 58.27.132.106 255.255.255.252
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet1
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 description $ES_LAN$
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 10.10.10.0 255.255.255.0 FastEthernet0 10 track 100
ip route 10.10.10.0 255.255.255.0 FastEthernet1 251
no ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source route-map ISP_A interface FastEthernet0 overload
ip nat inside source route-map ISP_B interface FastEthernet1 overload
!
ip sla 100
 icmp-echo 4.2.2.2 source-interface FastEthernet0
 frequency 5
ip sla schedule 100 life forever start-time now
!
!
!
!
route-map ISP_A permit 10
 match interface FastEthernet0
!
route-map ISP_B permit 10
 match interface FastEthernet1
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 3
 login
 transport input none
 transport output none
line vty 4
 password 4262646
 login
 transport input none
 transport output none
!
end


Regards
Syed Talal Hassan
0
 

Assisted Solution

by:syedtalal
syedtalal earned 0 total points
Comment Utility
Hi All,

Now the update is, as per attached runnig-config i am able to run internet on both interfaces and it also switches between FE0 and FE1.
When FE0 interface (internet device Power) goes down it automatically switch within 10secs to FE1 interface and works fine. And vice versa it works fine.

But I am unable to achieve the desired Goal as mentioned in Question i.e. Internet WAN interface should switch on internet base not on network base

See if FE0 internet goes down (from ISP) it should switch to FE1 as the moment it’s not doing.
If interface FE0 network is connected and internet is down then it doesn’t switch to FE1 and I wanted to switch that way

Regards
Syed Talal Hassan

config.txt
0
 
LVL 17

Expert Comment

by:mikecr
Comment Utility
Your default route shouldn't specify FE0 as it's outbound interface, you should specifiy an IP address as the next hop. Tracking the IP should fix your problem. So, your route should be

ip route 0.0.0.0 0.0.0.0 "isp's ip address next hop" track 100

See if that works for you.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:syedtalal
Comment Utility
Dear All,
Find the attached Configuration after this the situation is as following
If both ISP are connected on FE0 and FE1 it auto switch between isp’s , I confirmed by visiting www.whatismyip.com and after 15 secs it goes to ISP 2 and comes back to ISP1. It is doing continuously. Attached is the result of ping.
Now if we unplug the cable of ISP1 from FE0 the internet works fine without any delay or switching. And continuous ping.
And if we plug back the cable of ISP1 FE0 and unplug the cable of ISP2 FE1 internet stopped working totally. No ping at all.
Please guide the error in my configuration.
Regards
Syed Talal Hassan.

CPConfig-Dec-4--2010.txt
ping-requests.txt
0
 

Accepted Solution

by:
syedtalal earned 0 total points
Comment Utility
Dear All,
Please find the attached config of IP SLA on Cisco 1812 which worked perfectly fine.
I hope in future this will help for upcoming people

Regards
Syed Talal Hassan.

RunningConfig-working.txt
0
 

Author Comment

by:syedtalal
Comment Utility
Thanks
0
 

Author Closing Comment

by:syedtalal
Comment Utility
I was able to complete the config by cisco refernce
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now