08-08-2013 05:14 AM - edited 03-07-2019 02:49 PM
Hey Guys, complete cisco noobie here, first ever product so this has been a learning process that's for sure.
Running the below basic script but not getting anything, not sure if i'm missing something/done something wrong.
Thanks
ip dhcp pool LAN_CLIENTS
network 10.0.0.0 255.255.255.0
default-router 10.0.0.166
dns-server 61.9.194.49 61.9.195.193
!
ip dhcp excluded-address 10.0.0.166 10.0.0.166
!
ip inspect name DEFAULT_OUT icmp
ip inspect name DEFAULT_OUT tcp
ip inspect name DEFAULT_OUT udp
ip inspect name DEFAULT_OUT ftp
!
interface ATM0
description --- Bigpond ADSL WAN Connection ---
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
pvc 8/35
tx-ring-limit 3
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description --- Internal LAN ---
ip address 10.0.0.166 255.255.255.0
no ip redirects
no ip proxy-arp
ip nat inside
ip route-cache flow
!
interface Dialer0
description --- Bigpond ---
ip address negotiated
ip access-group 100 in
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect DEFAULT_OUT out
encapsulation ppp
ip route-cache flow
dialer pool 1
no cdp enable
ppp authentication chap callin
ppp chap hostname <bigpond_username>@bigpond
ppp chap password <bigpond_password>
!
ip nat inside source list 190 interface Dialer0 overload
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 100 remark --- Internet Interface ACL ---
access-list 100 remark Drop anything that's not related to an outbound connection.
access-list 100 deny ip any any log
access-list 190 remark --- NAT Map ---
access-list 190 permit ip 192.168.0.0 0.0.0.255 any
08-08-2013 02:54 PM
Hy Andrew,
The problem could be in NAT config.
With access-list 190 you're nattin' a wrong subnet (192.168.0.0/24) but your inside lan seems to be 10.0.0.0/24. So you have to change ACL 190:
Conf t
No access-list 190
Access-list 190 permit ip 10.0.0.0 0.0.0.255 any
Hope this helps.
Regards
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide