Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
286
Views
0
Helpful
2
Replies

Am I just overlooking something?

rebrokenglass
Level 1
Level 1

‎09-30-2008 06:54 AM - edited ‎03-06-2019 01:40 AM

All,

I have been looking at a couple configs for the past couple hours and can't seem to get this working. I have 2 1841 routers that were cleared off. One I built up using a base config and then the SDM software. Initially before using the SDM software I could connect to the Interent. However, with this second router it doesn't seem to want to work that way. I can ping/tracert/telnet/ to whatever I want from the actual router, but anything behind it just won't get out. I stripped the configuration down to its barest form. Can someone please tell me what if anything I am doing wrong...

sho run

Building configuration...

Current configuration : 1677 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

!

dot11 syslog

ip cef

!

!

no ip dhcp use vrf connected

!

ip dhcp pool servernet-pool

network 10.12.0.0 255.255.0.0

dns-server X.X.X.X X.X.X.X

default-router 10.12.0.1

lease infinite

!

!

ip name-server X.X.X.X

ip name-server X.X.X.X

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

multilink bundle-name authenticated

!

!

!

!

archive

log config

hidekeys

!

!

!

!

!

interface FastEthernet0/0

description INTERNET

ip address X.X.X.X 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description INTERNAL

ip address 10.12.0.1 255.255.0.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/0/0

!

interface FastEthernet0/0/1

!

interface FastEthernet0/0/2

!

interface FastEthernet0/0/3

!

interface Vlan1

no ip address

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

!

!

ip http server

no ip http secure-server

ip dns server

ip nat inside source list 101 interface FastEthernet0/0 overload

!

access-list 101 remark NAT list to allow data out

access-list 101 remark SDM_ACL Category=16

access-list 101 permit ip 10.12.0.0 0.0.255.255 any log

access-list 101 permit ip 10.22.0.0 0.0.255.255 any log

access-list 101 permit ip 10.32.0.0 0.0.255.255 any log

access-list 101 permit ip X.X.X.X 0.0.0.255 any log

access-list 101 permit ip any any

!

!

!

!

!

!

control-plane

!

!

!

line con 0

line aux 0

line vty 0 4

login

!

scheduler allocate 20000 1000

end

Router#

Thanks a lot.

Labels:
0 Helpful
2 Replies 2

Danilo Dy
VIP Alumni
VIP Alumni

‎09-30-2008 07:12 AM

Try removing this two lines...

!

access-list 101 permit ip X.X.X.X 0.0.0.255 any log

access-list 101 permit ip any any

...it goes like this

!

no access-list 101

!

access-list 101 remark NAT list to allow data out

access-list 101 remark SDM_ACL Category=16

access-list 101 permit ip 10.12.0.0 0.0.255.255 any log

access-list 101 permit ip 10.22.0.0 0.0.255.255 any log

access-list 101 permit ip 10.32.0.0 0.0.255.255 any log

0 Helpful

rebrokenglass
Level 1
Level 1
In response to Danilo Dy

‎09-30-2008 08:04 AM

I tried that, but it did not work. However, I should mention that my other router has the same configuration, but it works. I really don't get what the issue is.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card