
Multiple VLAN, 2 WAN - Load Balance, Failover and NAT - Oh my


I'm bashing my head here trying to figure out something which I believe is really not as difficult as I'm making it out to be.

I have 3 VLANs (router on a stick setup) and 2 WAN interfaces on a single router.

VLAN2, VLAN3 -> ISP2                 

How can I set this up so that VLAN1 uses ISP1 as its primary internet connection?
How can I set this up so that VLAN2 and VLAN3 use ISP2 as their primary internet connection?

How can I set this up so that VLAN1 will use ISP2 if ISP1 fails?
How can I set this up so that VLAN2, VLAN3 will use ISP1 if ISP2 fails?

I ran into problems before with issues due to NAT - when trying to use IP SLA and event applets to just update route-map commands.  That failed horribly.  So I think I'll send this to the community since I'm at a loss and I need to have another set of eyes look at this -- if it's something even possible using just a single router.

Here is one way you can do it:

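ip access-list extended VL1_TRAFFIC
  ! placeholder: VLAN1 subnet (x.x.x.x) and wildcard mask (y.y.y.y)
  permit ip x.x.x.x y.y.y.y any
ip access-list extended VL23_TRAFFIC
  ! placeholders: VLAN2 and VLAN3 subnets and wildcard masks
  permit ip x.x.x.x y.y.y.y any
  permit ip x.x.x.x y.y.y.y any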

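! x.x.x.x = address to probe through ISP1 (placeholder)
ip sla 1
icmp-echo x.x.x.x source-interface s1/0
frequency 4
timeout 2000

! x.x.x.x = address to probe through ISP2 (placeholder)
ip sla 23
icmp-echo x.x.x.x source-interface s1/1
frequency 4
timeout 2000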

ip sla schedule 1 start now life forever
ip sla schedule 23 start now life forever
track 1 ip sla 1
track 23 ip sla 23

1) VLAN 1 ---> ISP1 (primary), ISP2 (secondary)

route-map VL1_TRAFFIC permit 10
match ip address VL1_TRAFFIC
! ISP1 next-hop, used while track 1 is up
set ip next-hop verify-availability x.x.x.x 1 track 1
! ISP2 next-hop
set ip next-hop x.x.x.x
interface f0/0.1
ip nat inside
ip policy route-map VL1_TRAFFIC

2) VLAN 2,3 ---> ISP2 (primary), ISP1 (secondary)

route-map VL23_TRAFFIC permit 10
match ip address VL23_TRAFFIC
! ISP2 next-hop, used while track 23 is up
set ip next-hop verify-availability x.x.x.x 1 track 23
! ISP1 next-hop
set ip next-hop x.x.x.x
interface f0/0.2
ip nat inside
ip policy route-map VL23_TRAFFIC
interface f0/0.3
ip nat inside
ip policy route-map VL23_TRAFFIC

3) NAT overload:

route-map NAT_VL1 permit 10
match ip address VL1_TRAFFIC
match interface s1/0

route-map NAT_VL23 permit 10
match ip address VL23_TRAFFIC
match interface s1/1

! ISP1
ip nat inside source route-map NAT_VL1 interface s1/0 overload

! ISP2
ip nat inside source route-map NAT_VL23 interface s1/1 overload

