Cisco 2811 config

5 pts.
Tags:
Cisco 2811
Cisco Routers
Remote connection
Routers
VPN
WAN
Hi guys, I have two Cisco 2811 routers. Each of them has 2 Fast Ethernet and 1 Serial interfaces. I have two WAN connections on each router. One of them via FastEthernet0/0 and another one via Serial. I try to connect these two routers with redundancy scheme. For example, if primary connection Serial is down FastEthernet0/0 connection should work. And one more thing. I want to have VPN activated on these links. How can I achieve that. Can you please drop me a ready-to-use configuration.

Answer Wiki

Thanks. We'll let you know when a new response is added.

If you are just using the for internet connectivity and not inbound connections something like the following will work…

int fa 0/0
ip add (address given by provider) (netmask given by provider)
ip nat outside

int s0/0
ip add (address given by provider) (netmask given by provider)
ip nat outside

int fa 0/1
ip add (inside ip address) (inside netmask)
ip nat inside

ip dhcp pool MyPool
network (your inside network)
dns-server 4.2.2.2 4.2.2.1
default-router (your inside IP address)

access-list 100 permit ip (inside network) (inside inverse mask)
access-list 101 permit ip (inside network) (inside inverse mask)

ip nat inside source list 100 int fa0/0 overload
ip nat inside source list 101 int s0/0 overload

ip route 0.0.0.0 0.0.0.0 (provider A gateway)
ip route 0.0.0.0 0.0.0.0 (provider B gateway) 100

As far as the VPN, it will really depend on what kind of VPN you are looking for… Are you looking for a L2L tunnel between sites, are you looking for remote-access VPN for users, SSL? IPSec?

Also, some limitations of the config I’ve given you… switching over to the serial interface will rely on the physical interface losing connectivity. If you are connecting to DSL or such and the connection goes down, you’re likely not going to fail over. If you need that kind of functionality SLA monitoring and object tracking on the default route will do the trick. Also if you haven’t noticed you’ll have to fill out your IP addressing and such. but that should at least get you started…

Good luck

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Jfernatt
    Also, be sure to erase your config before you paste that in. Cisco routers come with a default config with ACLS and all kinds of crap on them that is really unnecessary. Also if your FA wan connection is DHCP then replace the ip address statement with 'ip address dhcp' and the first ip route statement with ' ip route 0.0.0.0 0.0.0.0 dhcp '
    605 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following