Cisco – set two gateways or more on the same subnet with NAT on a Cisco router


Let's say I have the following configuration on a Cisco router.

ISP 1

  • Connected and configured on GigabitEthernet8.
  • VLAN 1 192.168.0.0/24, NAT configured.
  • Gateway is 192.168.0.1.

ISP 2

  • Connected to interface FastEthernet0.
  • Currently not configured.
  • ISP gives one dynamic IP, so "ip address dhcp" should be in place.
  • NAT must be configured.

What would you do to configure ISP 2 gateway to be 192.168.0.2?

If ISP 1 fails and its gateway is not reachable, it must not fail over to the ISP 2 gateway, and load-balancing must not be active.

The idea is to manually set the ISP 2 gateway on specific computers when needed, or through a DHCP server configured inside the subnet.

EDIT:

Current configuration; unnecessary parts removed and sensitive values censored.

interface FastEthernet0
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0
 no ip address
!
interface GigabitEthernet1
 no ip address
!
interface GigabitEthernet2
 no ip address
!
interface GigabitEthernet3
 no ip address
!
interface GigabitEthernet4
 no ip address
!
interface GigabitEthernet5
 no ip address
!
interface GigabitEthernet6
 no ip address
!
interface GigabitEthernet7
 no ip address
!
interface GigabitEthernet8
 ! First ISP 1 usable IP for NAT
 ip address X.X.X.42 255.255.255.248
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly in
 duplex full
 speed auto
 no keepalive
 no cdp enable
!
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
 no ip proxy-arp
 ip nat inside
 ip inspect Firewall in
 ip virtual-reassembly in
!
!
ip nat inside source list NAT interface GigabitEthernet8 overload
! A few NAT 1:1
ip nat inside source static 192.168.0.143 X.X.X.43 extendable
ip nat inside source static 192.168.0.144 X.X.X.44 extendable
ip nat inside source static 192.168.0.145 X.X.X.45 extendable
ip nat inside source static 192.168.0.146 X.X.X.46 extendable
! ISP 1 gateway
ip route 0.0.0.0 0.0.0.0 190.196.17.41
!
ip access-list standard ADMIN
 permit 200.75.15.0 0.0.0.63
 permit 200.75.19.192 0.0.0.63
!
ip access-list extended FILTERS
 permit icmp any any
 ! Filters to allow NAT 1:1 all traffic
 permit ip host 192.168.0.143 host X.X.X.43
 permit ip host 192.168.0.144 host X.X.X.44
 permit ip host 192.168.0.145 host X.X.X.45
 permit ip host 192.168.0.146 host X.X.X.46
ip access-list extended NAT
 permit ip 192.168.0.0 0.0.0.255 any
!

Ideas for the solution:

We know that ISP 2 is on FastEthernet0 and has a dynamic IP, and since it's only one IP we need NAT outside when more than one client uses the ISP 2 gateway, which is supposed to be configured at 192.168.0.2.

interface FastEthernet0
 ip address dhcp
 ip nat outside
 duplex auto
 speed auto
!

After that I'm not sure what to do: add an outbound route for Internet access to the gateway for ISP 2? Set the ISP 2 gateway to be 192.168.0.2? But how?

EDIT 2:

I have found this on a forum, please give it a read:

http://www.dslreports.com/forum/r20113274-

Be aware that the ISP 2 device is actually a generic Arris router that I have configured to be "bridged". I can set it back to routed and configure it according to that forum post if the setup can't be done with the ISP 2 router working in bridge mode.

Best Answer

I think you misunderstood how a router processes a packet, and thus came up with a solution that is not at all appropriate for your needs.

Why?

Let's say computer A has the following configuration:

  • mac address 00:53:BA:12:17:19
  • IP address 192.168.0.7
  • subnet mask of 255.255.255.0
  • default gateway 192.168.0.1

A sends a packet to the Internet host www.example.com, which has IP address 203.0.113.5.
The packet has the following characteristics:

  • source IP address : 192.168.0.7
  • destination IP address: 203.0.113.5

It compares (in binary) its subnet mask with the destination IP address and finds that the destination is not on the local subnet, so it sends the packet to its default gateway, 192.168.0.1.

It looks up its ARP table and, if needed, performs an ARP request to find the MAC address of the host which holds the 192.168.0.1 IP address.
It finds 00:53:00:17:a7:b3.

Then it builds a frame with the following characteristics:

  • source mac address: 00:53:BA:12:17:19
  • destination mac address: 00:53:00:17:a7:b3

Inside this Ethernet frame the IP packet is encapsulated, and it still has:

  • source IP address : 192.168.0.7
  • destination IP address: 203.0.113.5

As you can see, the destination IP address is NOT the gateway.

So the router receives this frame, strips the Ethernet header and looks at the packet to perform a routing decision.

The basis of routing is that the routing decision is made solely on the destination IP address, 203.0.113.5. The router then looks in its routing table, finds a route for 203.0.113.5 and sends the packet through the associated interface (performing NAT if configured, which is required here).

As you can see, the IP address of the gateway that was used has no role in the routing decision. And, more importantly, the router does not even know what this IP address was. It only knows on which interface the frame arrived.

OK so, why not configure 2 different gateways on two different interfaces? Well, you can't, not on a Cisco router. You cannot have two overlapping networks on two different layer 3 interfaces; otherwise the router could not decide on which interface it must send a packet for this network.

This is why your dual gateway cannot work. But more importantly, it's not required to achieve your goal.

What could work?

Now, if you want the router to take a different routing decision based on the sender, it is possible. It's called policy based routing (PBR).

PBR allows you to configure different routing tables on the router, and perform routing decisions on different criteria.

The most common (and easy to configure) criteria are the source IP address and destination IP address.

Note that you can specify the outgoing interface rather than the next-hop IP, which is handy for an outgoing interface configured by DHCP.

So what you have to do (if I understood correctly what you want), is to:

  • set a group of computers with specific IP address pool (fixed IP, DHCP reservations)
  • set another group of computers with a second IP address pool
  • write a route map that will set the destination IP or outgoing interface for each pool
  • activate PBR on the incoming interface (the one that has the LAN gateway)

To manually change the outgoing interface for some computers in case one link fails, you just have to alter the route-map, which is a matter of minutes.

You can have 4 pools for example:

  • computers that will always use ISP 1, and never fail-over to ISP2
  • computers that will always use ISP 2, and never fail-over to ISP1
  • computers that will use ISP 1 if available, and manually fail-over to ISP2 if needed
  • computers that will use ISP 2 if available, and manually fail-over to ISP1 if needed
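A concrete IOS configuration for the PBR approach described in this answer, added here as an illustration; it is not part of the answer or of the asker's running config. It assumes two constructed address pools (192.168.0.0/26 always ISP 1, 192.168.0.64/26 always ISP 2), the interface names and NAT ACL from the question, and an IOS release that supports `set ip next-hop dynamic dhcp` (the `set interface FastEthernet0` form the answer mentions is the alternative).

```cisco
! Pool 2 (192.168.0.64/26) is steered to ISP 2; pool 1 (192.168.0.0/26)
! needs no clause: unmatched traffic follows the normal routing table,
! i.e. the existing default route via ISP 1, and never falls back to ISP 2.
ip access-list standard POOL-ISP2
 permit 192.168.0.64 0.0.0.63
!
! PBR clause: hand pool 2 traffic to the gateway learned by DHCP on Fa0.
! "set interface FastEthernet0" also works but makes the router ARP for
! every destination on a multi-access link, so the DHCP form is preferred.
route-map PBR-LAN permit 10
 match ip address POOL-ISP2
 set ip next-hop dynamic dhcp
!
! PBR is applied on the LAN-facing interface, where the packets arrive.
interface Vlan1
 ip policy route-map PBR-LAN
!
! ISP 2 uplink, as proposed in the question.
interface FastEthernet0
 ip address dhcp
 ip nat outside
!
! With two "ip nat outside" interfaces the single list-based overload
! statement is replaced by one route-map-based statement per uplink, so
! each flow is translated to the address of the interface it leaves on.
! Clear existing translations ("clear ip nat translation *") before the
! old statement can be removed.
no ip nat inside source list NAT interface GigabitEthernet8 overload
!
route-map NAT-ISP1 permit 10
 match ip address NAT
 match interface GigabitEthernet8
route-map NAT-ISP2 permit 10
 match ip address NAT
 match interface FastEthernet0
!
ip nat inside source route-map NAT-ISP1 interface GigabitEthernet8 overload
ip nat inside source route-map NAT-ISP2 interface FastEthernet0 overload
!
! The static 1:1 entries (192.168.0.143-146 -> X.X.X.43-46) use ISP 1
! addresses, so those hosts must stay in pool 1.
!
! Manual fail-over for a pool is just an edit of its PBR clause, e.g. to
! move pool 2 back onto ISP 1 while ISP 2 is down:
!   route-map PBR-LAN permit 10
!    no set ip next-hop dynamic dhcp
! Pool 2 then follows the normal routing table again.
```

Verify the result with `show route-map PBR-LAN` (policy hit counters) and `show ip nat translations` (each pool's flows should be translated to the address of its own uplink).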