Добрый день. Вот конфа 871, на AUX висит Siemens MC32i, на WAN эмулируем интернет. С киски по ssh и через VLAN 1 всё пингую через FE4. Но при переключении на резервный (смотрю debug ppp authentication, вижу коннект) Async1 всё пропадает. Ни с киски, ни с VLAN 1 я уже ничего не вижу. Думаю что дело в NATе. Помогите кто чем сможет.

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname test_azs
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login NO_AUTHEN none
aaa authentication ppp default local
!
aaa session-id common
!
resource policy
!
ip subnet-zero
no ip source-route
ip cef
!
!
no ip domain lookup
ip domain name yourdomain.com
ip sla 1
icmp-echo 87.250.251.8
timeout 1000
threshold 2
frequency 3
ip sla schedule 1 life forever start-time now
no vlan accounting input
!
chat-script DIALOUT ABORT ERROR ABORT BUSY "" "AT" OK "ATDT \T" TIMEOUT 45 CONNECT \c
chat-script INIT "" ATZ OK AT OK
chat-script RESET "" "WAIT 30" ATZ OK ATH0 OK AT OK
chat-script reset "" \d\d\d+++\d\d\d
chat-script mts TIMEOUT 90 "" AT+CGDCONT=1,"IP","internet.mts.ru" OK ATDT\T CONNECT
modemcap entry MY_USR_MODEM:MSC=ATZ
modemcap entry MyTest:MSC=&F1SO=1
modemcap entry usr-modem:MSC=AT+CGDCONT=1,"IP","internet.mts.ru"
!
!
!
track timer interface 5
track timer ip route 20
!
track 1 rtr 1 reachability
delay down 10 up 30
!
!
!
!
interface Loopback0
no ip address
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 192.168.4.67 255.255.0.0
ip access-group 102 in
ip access-group 102 out
ip nat outside
ip nat enable
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.0.0.1 255.0.0.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip nat enable
ip virtual-reassembly
!
interface Async1
ip address negotiated
ip nat outside
no ip virtual-reassembly
encapsulation ppp
no ip mroute-cache
load-interval 30
dialer in-band
dialer string "*99***1#"
dialer redial interval 20 attempts 2
dialer-group 1
async mode dedicated
no peer default ip address
no fair-queue
ppp chap refuse
ppp pap sent-username mts password 7 151F1F1F
routing dynamic
!
interface Dialer1
no ip address
encapsulation ppp
no ip mroute-cache
no logging event link-status
dialer pool 1
peer default ip address pool defa
no fair-queue
no cdp enable
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet4 192.168.3.1
ip route 0.0.0.0 0.0.0.0 Async1 200
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list NAT_ISP interface FastEthernet4 overload
ip nat inside source list NAT_ISP2 interface Async1 overload
!
ip access-list extended NAT_ISP
permit ip any any
ip access-list extended NAT_ISP2
permit ip any any
!
logging trap debugging
access-list 102 permit ip any any
dialer-list 1 protocol ip list 102
no cdp run
!
control-plane
!
!
line con 0
modem enable autodetect
speed 57600
line aux 0
exec-timeout 0 0
script dialer mts
script reset reset
modem InOut
exec-character-bits 8
special-character-bits 8
no exec
transport input all
transport output all
escape-character BREAK
stopbits 1
speed 57600
flowcontrol hardware
line vty 0 4
access-class 1 in
privilege level 15
transport preferred ssh
transport input ssh
!
scheduler max-task-time 5000
end