Failing to see 2nd WAN?

[echang15]

Hello,

I solved my initial problems with my router, but now im stuck at the part where I have DSL on Eth1, but I cant connect to the T1 via Eth0.

router#write t
Building configuration...

Current configuration : 4377 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
enable secret 5 x
enable password x
!
no aaa new-model
!
resource policy
!
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00 mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ! ! ip cef no ip dhcp use vrf connected ip dhcp excluded-address 192.168.0.1 ip dhcp excluded-address 192.168.0.34 192.168.0.254 ip dhcp excluded-address 192.168.0.2 ! ip dhcp pool Default
import all
network 192.168.0.0 255.255.255.0
dns-server 151.202.0.85 65.106.1.196
default-router 192.168.0.1
lease 5
!
!
no ip ips deny-action ips-interface
ip sla monitor 1
type echo protocol ipIcmpEcho 67.94.72.193
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
type echo protocol ipIcmpEcho 71.249.227.1
ip sla monitor schedule 2 life forever start-time now
!
!
crypto pki trustpoint TP-self-signed-4248908665
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4248908665
revocation-check none
rsakeypair TP-self-signed-4248908665
!
!
crypto pki certificate chain TP-self-signed-4248908665 certificate self-signed 01 xx B0ABD4

quit
username echang privilege 15 password 0 x
!
!
track 123 rtr 1 reachability
!
track 124 rtr 2 reachability
!
!
!
!
interface FastEthernet0
description $ETH-WAN$
ip address 71.249.227.154 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1
description $ETH-WAN$
ip address 67.94.72.220 255.255.255.224
ip nat outside
ip virtual-reassembly
speed auto
half-duplex
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip policy route-map alpha
!
interface Async1
no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 67.94.72.193 track 123
ip route 0.0.0.0 0.0.0.0 71.249.227.1 track 124
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat source static tcp 192.168.0.104 5900 71.249.227.155 5900 extendable
ip nat inside source list 1 interface FastEthernet0 overload ip nat inside source static tcp 192.168.0.218 5900 67.94.72.218 5900 extendable
!
access-list 1 permit 192.168.0.0 0.0.0.255
snmp-server community x RO
! route-map alpha permit 10
set ip next-hop verify-availability 67.94.72.193 10 track 123
set ip next-hop verify-availability 71.249.227.1 20 track 124
!
!
!
!
control-plane
!
!
line con 0 line 1 modem InOut stopbits 1



oddly, when I have only one WAN plugged in, i still receive both routes as "up" when I do a show track. any hints would be much appareciated.

thanks.

 

[KiscoKid]

Your config seems incomplete to me as you don't appear to be actually tracking anything! Take a look at the following URL and see if that helps:

http://www.cisco.com/en/US/products..._feature_guide09186a00801d862d.html#wp1071672

 

[echang15]

Thanks for the reply;

however, when i do the 'rtr 1 .... ' command, it get accepted, but translated to

ip sla monitor 1
type echo protocol ipIcmpEcho 67.94.72.193
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
type echo protocol ipIcmpEcho 71.249.227.1
ip sla monitor schedule 2 life forever start-time now

which does work. I do receive status updates from the 'show track' command, which strikes me as puzzling.

 

[echang15]

quick bump and current setup:

router#write t
Building configuration...

Current configuration : 4413 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
enable secret x
enable password x
!
no aaa new-model
!
resource policy
!
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
ip dhcp excluded-address 192.168.0.34 192.168.0.254
ip dhcp excluded-address 192.168.0.2
!
ip dhcp pool Default
import all
network 192.168.0.0 255.255.255.0
dns-server 151.202.0.85 65.106.1.196
default-router 192.168.0.1
lease 5
!
!
no ip ips deny-action ips-interface
ip sla monitor 1
type echo protocol ipIcmpEcho 67.94.72.193
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
type echo protocol ipIcmpEcho 71.249.227.1
ip sla monitor schedule 2 life forever start-time now
!
!
crypto pki trustpoint TP-self-signed-4248908665
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4248908665
revocation-check none
rsakeypair TP-self-signed-4248908665
!
!
crypto pki certificate chain TP-self-signed-4248908665
certificate self-signed 01
xxx

quit

username echang privilege 15 password 0 xxx
!
!
track 123 rtr 1 reachability
!
track 124 rtr 2 reachability
!
!
!
!
interface FastEthernet0
description $ETH-WAN$
ip address 71.249.227.154 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1
description $ETH-WAN$
ip address 67.94.72.220 255.255.255.0
ip nat outside
ip virtual-reassembly
speed auto
half-duplex
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip policy route-map alpha
!
interface Async1
no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 67.94.72.193
ip route 0.0.0.0 0.0.0.0 71.249.227.1 100
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat source list 1 interface FastEthernet0 overload
ip nat source static tcp 192.168.0.104 5900 71.249.227.155 5900 extendable
ip nat inside source list 1 interface FastEthernet0 overload
ip nat inside source static tcp 192.168.0.218 5900 67.94.72.218 5900 extendable
!
access-list 1 permit 192.168.0.0 0.0.0.255
snmp-server community x RO
!
route-map alpha permit 10
set ip next-hop verify-availability 67.94.72.193 10 track 123
set ip next-hop verify-availability 71.249.227.1 20 track 124
!
!
!
!
control-plane
!
!
line con 0
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
privilege level 15
password x
login local
transport input telnet ssh
!
end

router#


I tried not using the track function and using straight metric priorities, but no dice. Currently the big problem is that i can ping outside from the router, but can't internall y when using the T1 line (Eth1)

I believe that im having trouble NATing FastEthernet1 correctly.

Any suggestions?

many thanks as usual.