Solved: Cisco 2600 Router - home network

the1337bofh · ‎08-20-2010

I have a 2600 router that I setup in 2007 for use in a home network. Due to sitting with no power since 2008, the config is lost. Basically I don't remember anything about programming routers. I've spent the day researching and trying to remember.

My network setup consists of 1 internet IP address and a dhcp pool of 172.16.1.0/24. I don't want any restrictions of outbound connections. I don't want any allowed inbound connections just yet. So far I connected my laptop to fa0/1 and my internet to fa0/0. From the terminal inside the router I can ping anywhere I like, including resolving hostnames. From my laptop I can ping the internal and external addresses of the router, but no farther. Something isn't clicking right in my crazy head and it's getting late. I was hoping for a little help on completing this. Below is my (shortened) config.

One note about the access-list before you read the config. I have access-list 1 to permit any. I set access-group 1 in and out on both fa0/0 and 0/1 just to see. No success. I removed them until I got it right. So that is why you don't see it in the config. I'm not even sure which is supposed to be set at this point. Hopefully I'll have a cleaerer head on the subject in the morning.

Current configuration : 1403 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
no network-clock-participate slot 1
no network-clock-participate wic 0
voice-card 1
!
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.16.1.1 172.16.1.99
ip dhcp excluded-address 172.16.1.250 172.16.1.255
!
ip dhcp pool home
   network 172.16.1.0 255.255.255.0
   dns-server 208.67.222.222 208.67.220.220
   default-router 172.16.1.1
!
interface FastEthernet0/0
ip address 216.xxx.yyy.zzz 255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
no dce-terminal-timing-enable
!
interface FastEthernet0/1
ip address 172.16.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip http server
ip nat pool home 216.xxx.yyy.zzz 216.xxx.yyy.zzz prefix-length 24
!
access-list 1 permit any

kyukim · ‎08-20-2010

Hi,

You are missing a NAT statement to connect ACL and NAT POOL and do NAT translation.

"ip nat inside source list 1 pool home"

Read below link for more detail.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml#topic4

And, let me if it is not working.

Have a good weekend.

KK

View solution in original post

kyukim · ‎08-20-2010

Hi,

You are missing a NAT statement to connect ACL and NAT POOL and do NAT translation.

"ip nat inside source list 1 pool home"

Read below link for more detail.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml#topic4

And, let me if it is not working.

Have a good weekend.

KK

the1337bofh · ‎08-21-2010

KK,

That was perfect and exactly what I was looking for. I knew I needed to

connect them all together somehow, but couldn't think of how for the life of

me. Thank you very much. I also changed my access to only permit

172.16.1.0/24 as I should have done last night.

If you have time for one more question, I would be grateful. I am trying to

map port 80 to my web server, and I'm falling a bit short. I have several

PDF documents and a few webpages listed here that all say the same thing,

however it isn't quite working. Here is what I have tried.

ip nat inside source static tcp 172.16.1.100 80 216.xxx.yyy.zzz 80

extendable