Cisco IOS Firewall

Unanswered Question
Oct 1st, 2007

I have applied an ACL inbound on the internet interface to secure the router, but some internal networks cannot access the internet. My ACL looks like this.

ip access-list extended InternetIn

remark "Allow inbound Web"

permit tcp any eq www host

I have PAT configured for my inside workstations( to

I have NAT for my servers private IP public IP

All servers, even those that don't have a one to one NAT can access the internet, but the workstations on network cannot

Any ideas why?

JORGE RODRIGUEZ Mon, 10/01/2007 - 18:18

Try this.

For PAT, use your outbound interface IP address.


Interface fe0/1 ( Facing internet public IP )

ip address

ip nat outside

interface fe0/2 ( Inside network )

ip address

ip nat inside

ip nat pool mypool netmask

ip nat inside source list 10 pool mypool overload

access-list 10 permit log

If you have problems, please post your config.
