F2C allows your primary site router (often referred to as “downstream router”) to utilize the Opengear’s internal cellular modem as a backup WAN connection. This guide assumes that you are already familiar with how F2C works, and have configured IP Passthrough on your Opengear appliance. If not, please start here:
Before continuing, validate that your Cisco router supports the IP SLA feature and is running IOS 12.4T or later. This guide was written using a Cisco ISR 891 running IOS 15.3(1)T as a reference.
Setting up a downstream Cisco router for F2C consists of the following steps:
- Configure interfaces
- Configure NAT & access from LAN
- Configure IP SLA & WAN routing
Topology
Interface Configuration
Configure the interface connected to the primary ISP. In this example we are configuring the ISR 891's Gigabit Ethernet WAN port (WAN GE 0 aka GigabitEthernet0) with the static IP address of 12.34.56.78/30, allocated by our primary ISP:
Router(config)#int GigabitEthernet0
Router(config-if)#description Primary
Router(config-if)#ip address 12.34.56.78 255.255.255.252
Router(config-if)#no shut
Router(config-if)#exit
Configure the interface connected to the Opengear appliance (to the interface selected under IP Passthrough -> Interface) to use DHCP. In this example we are using the ISR 891's Fast Ethernet WAN port (FE 8 aka FastEthernet8):
Router(config)#int FastEthernet8
Router(config-if)#description F2C
Router(config-if)#ip address dhcp
Router(config-if)#no shut
Router(config-if)#exit
Configure your LAN interface. In this example we are configuring the LAN to use the default VLAN, connected by the ISR 891's integrated 8-port 10/100 switch ports (FE LAN 0 - 7 aka FastEthernet0-7):
Router(config)#int range FastEthernet0-7
Router(config-if-range)#no shut
Router(config-if-range)#exit
Router(config)#int Vlan1
Router(config-if)#description LAN
Router(config-if)#ip address 10.3.2.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Alternatively, if you are connecting the router to an external switch via a trunking port, your inside interface may be a subinterface with VLAN tagging, e.g.:
Router(config)#int FastEthernet0/1.100
Router(config-if)#description LAN
Router(config-if)#encapsulation dot1Q 100
Router(config-if)#ip address 10.3.2.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
LAN Access & NAT
Create an access list and use route maps to allow your LAN subnet out either of the WAN connections. In this example our LAN subnet is 10.3.2.0/24.
Router(config)#access-list 1 permit 10.3.2.0 0.0.0.255
Router(config)#route-map Primary permit 10
Router(config-route-map)#match ip address 1
Router(config-route-map)#match interface GigabitEthernet0
Router(config-route-map)#exit
Router(config)#route-map F2C permit 10
Router(config-route-map)#match ip address 1
Router(config-route-map)#match interface FastEthernet8
Router(config-route-map)#exit
Configure NAT from the LAN to both Primary and F2C WAN connections:
Router(config)#ip nat inside source route-map Primary interface GigabitEthernet0 overload
Router(config)#ip nat inside source route-map F2C interface FastEthernet8 overload
Router(config)#int GigabitEthernet0
Router(config-if)#ip nat outside
Router(config-if)#exit
Router(config)#int FastEthernet8
Router(config-if)#ip nat outside
Router(config-if)#exit
Router(config)#int Vlan1
Router(config-if)#ip nat inside
Router(config-if)#exit
IP SLA & WAN Routing
Configure IP SLA to test the Primary connection by pinging a remote IP that should normally be reachable, e.g. Google's public DNS server at 8.8.8.8 or the ISP's gateway address (in this example 12.34.56.77). If you are using a remote address other than the ISP's gateway, ensure you also add a static route to the remote IP via the gateway, so that the probe keeps testing the Primary connection even while the default route points at F2C.
Router(config)#ip sla 1
Router(config-ip-sla)#icmp-echo 8.8.8.8 source-interface GigabitEthernet0
Router(config-ip-sla-echo)#threshold 1000
Router(config-ip-sla-echo)#timeout 1000
Router(config-ip-sla-echo)#frequency 5
Router(config-ip-sla-echo)#exit
Router(config)#ip route 8.8.8.8 255.255.255.255 12.34.56.77
Router(config)#ip sla schedule 1 life forever start-time now
Track the state of the IP SLA:
Router(config)#track 1 ip sla 1 reachability
Router(config-track)#delay down 1 up 1
Router(config-track)#exit
Finally, configure a default route out the primary interface via your ISP gateway (in this example our ISP has allocated a gateway route of 12.34.56.77) that is installed only while tracking is successful, and a higher-metric default route via F2C (administrative distance 10) that is used otherwise:
Router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 12.34.56.77 track 1
Router(config)#ip route 0.0.0.0 0.0.0.0 FastEthernet8 dhcp 10
Complete documentation for Cisco’s IP SLA feature can be found at:
http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html
Resulting Configuration
The configuration steps above will result in the following config snippet on a Cisco ISR 891:
track 1 ip sla 1 reachability
 delay down 1 up 1
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface FastEthernet4
 no ip address
!
interface FastEthernet5
 no ip address
!
interface FastEthernet6
 no ip address
!
interface FastEthernet7
 no ip address
!
interface FastEthernet8
 description F2C
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0
 description Primary
 ip address 12.34.56.78 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface Vlan1
 description LAN
 ip address 10.3.2.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
!
ip nat inside source route-map F2C interface FastEthernet8 overload
ip nat inside source route-map Primary interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 12.34.56.77 track 1
ip route 0.0.0.0 0.0.0.0 FastEthernet8 dhcp 10
ip route 8.8.8.8 255.255.255.255 12.34.56.77
!
ip sla auto discovery
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0
 threshold 1000
 timeout 1000
 frequency 5
ip sla schedule 1 life forever start-time now
!
route-map F2C permit 10
 match ip address 1
 match interface FastEthernet8
!
route-map Primary permit 10
 match ip address 1
 match interface GigabitEthernet0
!
access-list 1 permit 10.3.2.0 0.0.0.255
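The failover only works if the track object, the IP SLA probe, its schedule, the probe's host route and the two default routes all line up. The following Python check over a saved running-config is an added example, not part of the original guide or any Opengear or Cisco tooling; the function name audit_failover and the constructed SAMPLE text are assumptions made for illustration.

```python
import re

# Constructed sample: the failover-relevant lines of a running-config like this guide's.
SAMPLE = """\
track 1 ip sla 1 reachability
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 12.34.56.77 track 1
ip route 0.0.0.0 0.0.0.0 FastEthernet8 dhcp 10
ip route 8.8.8.8 255.255.255.255 12.34.56.77
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0
ip sla schedule 1 life forever start-time now
"""

def audit_failover(config):
    """Hypothetical helper: return findings; an empty list means the wiring is consistent."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    text = "\n".join(lines)
    probes, sla = {}, None  # SLA id -> icmp-echo target
    for l in lines:
        if m := re.fullmatch(r"ip sla (\d+)", l):
            sla = m.group(1)
        elif (m := re.match(r"icmp-echo (\S+)", l)) and sla:
            probes[sla] = m.group(1)
    tracks = dict(re.findall(r"^track (\d+) ip sla (\d+) reachability$", text, re.M))
    scheduled = set(re.findall(r"^ip sla schedule (\d+) ", text, re.M))
    defaults = [l.split()[4:] for l in lines if l.startswith("ip route 0.0.0.0 0.0.0.0 ")]
    tracked = [d for d in defaults if "track" in d]
    floating = [d for d in defaults if "track" not in d]
    findings = []
    if not tracked:
        findings.append("no tracked default route")
    for d in tracked:
        gateway, tid = d[d.index("track") - 1], d[d.index("track") + 1]
        sid = tracks.get(tid)
        if sid is None:
            findings.append(f"track {tid} is not bound to an IP SLA")
            continue
        if sid not in scheduled:
            findings.append(f"ip sla {sid} is never scheduled")
        target = probes.get(sid)
        if target is None:
            findings.append(f"ip sla {sid} has no icmp-echo probe")
        elif target != gateway and f"ip route {target} 255.255.255.255 {gateway}" not in lines:
            findings.append(f"no host route to probe target {target} via {gateway}")
    # A static route without an explicit distance has administrative distance 1.
    if not any(d[-1].isdigit() and int(d[-1]) > 1 for d in floating):
        findings.append("no floating default route with a distance above 1")
    return findings

if __name__ == "__main__":
    print(audit_failover(SAMPLE) or "failover wiring is consistent")
```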