1811 route/nat/failover help

[makemorebeer]

i've got an 1811 router running an ADSL on one side with a block of five IP's, I've got a second 1811 running an SDSL line. our primary MX goes to the SDSL, and our secondary goes to the ADSL. the networks default route goes to the ADSL. Cisco is telling me that i can't nat traffic from the SDSL to the exchange server because the default route on the exchange box is the ADSL. is it possible to use both SDSL and ADSL at the same time. the purpose behind this is the following:
1) we are looking to have a backup in case the ADSL fails
2) we are hoping for a backup for OWA in case the ADSL fails.
3) there is a third, offsite 1811, that we would like to route through a T1 as a third backup if possible.

Anyone got any suggestions? is this even possible? I can supply additional information if needed.

Thanks.

 

[burtsbees]

Point the default route to the sdsl with an administrative distance of 50---the regular default route will be preferred, but if it fails, the sdsl route will take over. The term is floating static route.

Burt

 

[makemorebeer]

that'll take care of the Nat issue for the filtering appliance, but it won't make OWA accessible from both locations at the same time. Our core switch is not letting me set distance metrics though, i tried that. It's an HP procurve 5300, when i try to use the metric parameter it does not allow it.

Computer Room 5300XL# config t
Computer Room 5300XL(config)# ip route 0.0.0.0
IP-MASK Specify IP address mask.
Computer Room 5300XL(config)# ip route 0.0.0.0 /0
Invalid input: /0
Computer Room 5300XL(config)# ip route 0.0.0.0 /32
Invalid input: /32
Computer Room 5300XL(config)# ip route 0.0.0.0/0
GW-IP_ADDR Specify gateway IP address.
reject Specify that packets are discarded and ICMP error is
returned to sender.
Computer Room 5300XL(config)# ip route 0.0.0.0/0 10.1.254.249
<cr>
Computer Room 5300XL(config)# ip route 0.0.0.0/0 10.1.254.249

The manual states that there is a metric parameter right after the gateway parameter.

I was thinking possible a third 1811 to do route mapping, whicht he core switch is also not capable of doing, but that puts a single dependancy for all our outbound communications on that router. if it fails, we're sunk.

 

[burtsbees]

ip route 0.0.0.0 0.0.0.0 10.1.254.249 50

The mask is not put in like a "/"---you have to specify it in octets. The metric (this example is 50) is put in after the next hop address (gateway).

Burt

 

[makemorebeer]

thought by now you'd have a little faith in me. you are kind of like my personal router help. you tend to be the only one who answers when i ask a question. Anyway, backstory aside, yes, on a cisco you cannot enter it in slash notation, but on an HP you can and this is what our core is, hence that's where the route would need to be put. what i was showing before was the screen readout step by step with ?'s to show the available options. and yes even though after the gateway there is no metric parameter i 've tried putting one in and it does not accept this. Also, just to make sure, i tried putting the octets in instead of using slash notation. same response.

the command you're tlaking about issing would look like this

ip route 0.0.0.0 0.0.0.0 10.1.254.249 50
pro cmd dest. msk. gtwy metric

i've got these in my site to site VPN as well, and they work great.

 

[burtsbees]

My bad---just re-read the post...HP ProCurve...