05-08-2009 09:18 AM - edited 03-04-2019 04:42 AM
I have an 1811W router with IOS 12.4(24)T. I used CCP to configure the router because SDM stoped working. Currently nothing gets out either WAN port(both ethernet). A test on the WAN connection gives me a DNS error. I configured the DNS servers, NAT, static routes and lastely the firewall, however nothing is getting out. If I open a web browser to the IP address of the WAN IP, I get the 1811W's web page, not the next hop router's web page.
05-08-2009 09:55 AM
05-08-2009 10:52 AM
Your acl looks strange to me:
access-list 103 permit tcp 172.18.32.0 0.0.31.255 host 172.18.32.1 eq telnet
access-list 103 permit tcp 172.18.32.0 0.0.31.255 host 172.18.32.1 eq 22
access-list 103 permit tcp 172.18.32.0 0.0.31.255 host 172.18.32.1 eq www
access-list 103 permit tcp 172.18.32.0 0.0.31.255 host 172.18.32.1 eq 443
access-list 103 permit tcp 172.18.32.0 0.0.31.255 host 172.18.32.1 eq cmd
You're only allowing traffic to your router for web access. Try removing the acl from the bvi1 interface, and then see if your connection works.
HTH,
John
05-08-2009 11:03 AM
After running the firewall config, it looks like it does not add any rules for DNS trafic. Also CCP won't let me change any of the firewall rules or add a new ones. I also noticed that when the firewall cong runs, it states that it is going to write over the existing rules but it does not remove the old assocciated rules. Nothing happens when I try to change the firewall rules. Everything else on CCP works. I am running windows Vista Business and CCP version 1.3.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide