Here is a generic object tracking config I put together on an install yesterday. Its not completed, as I have some security stuff to do on it, but you will get the idea for the topic at hand, which is Cisco's object-tracking feature. I have changed IPs and taken out userIDs, etc. for the obvious reasons. I have a good post about object-tracking configuration and notes here at this link. Enjoy.
Cisco2911#sh run
Building configuration...
Current configuration : 4489 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Cisco2911
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
aaa new-model
aaa authentication login default local
aaa session-id common
no ipv6 cef
no ip source-route
ip cef
no ip bootp server
no ip domain lookup
ip domain name cisco.com
multilink bundle-name authenticated
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-XXXXXXX
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-XXXXXXX
revocation-check none
rsakeypair TP-self-signed-XXXXXXX
crypto pki certificate chain TP-self-signed-XXXXXXX
certificate self-signed 01
quit
license udi pid CISCO2911/K9 sn FTXXXXXXXX
redundancy
ip ssh time-out 60
!
track 10 ip sla 1 reachability
delay down 2 up 2
!
track 20 ip sla 2 reachability
delay down 2 up 2
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description Internal Network
ip address 172.16.0.5 255.255.254.0
no ip unreachables
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description To ISP DSL
ip address 30.30.30.194 255.255.255.248
no ip unreachables
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/2
no ip address
no ip unreachables
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source route-map nat interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 172.16.0.2 track 10
ip route 0.0.0.0 0.0.0.0 30.30.30.193 5 track 20
ip route 4.2.2.2 255.255.255.255 30.30.30.193 permanent
ip route 40.41.42.43 255.255.255.255 172.16.0.2 permanent
!
ip sla 1
icmp-echo 40.41.42.43 source-ip 172.16.0.5
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 4.2.2.2 source-ip 30.30.30.194
frequency 5
ip sla schedule 2 life forever start-time now
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 104 permit ip any any
!
no cdp run
!
route-map nat permit 10
match ip address 104
!
control-plane
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
transport input ssh
line vty 5 15
privilege level 15
transport input ssh
!
scheduler allocate 20000 1000
end
