Cisco 2620 router config question.

Unanswered Question
Aug 26th, 2002
User Badges:

Could anyone please help me figure out why this configuration will not allow any connections to 206.159.159.235 (An inside static NAT route).


Using 2869 out of 29688 bytes

!

version 12.2

no service single-slot-reload-enable

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname DMetalGW

!

logging rate-limit console 10 except errors

no logging console

enable secret ***********************************

enable password *********************************

!

memory-size iomem 15

ip subnet-zero

ip cef

!

!

no ip finger

ip name-server 206.231.8.2

!

ip inspect max-incomplete high 1100

ip inspect one-minute high 1100

ip inspect name fastethernet_0_1 tcp

ip inspect name fastethernet_0_1 udp

ip inspect name fastethernet_0_1 cuseeme

ip inspect name fastethernet_0_1 ftp

ip inspect name fastethernet_0_1 h323

ip inspect name fastethernet_0_1 rcmd

ip inspect name fastethernet_0_1 realaudio

ip inspect name fastethernet_0_1 streamworks

ip inspect name fastethernet_0_1 vdolive

ip inspect name fastethernet_0_1 sqlnet

ip inspect name fastethernet_0_1 tftp

ip inspect name ethernet_0 tcp

ip inspect name ethernet_0 udp

ip inspect name ethernet_0 cuseeme

ip inspect name ethernet_0 ftp

ip inspect name ethernet_0 h323

ip inspect name ethernet_0 rcmd

ip inspect name ethernet_0 realaudio

ip inspect name ethernet_0 streamworks

ip inspect name ethernet_0 vdolive

ip inspect name ethernet_0 sqlnet

ip inspect name ethernet_0 tftp

ip inspect name fastethernet_0_0 smtp

ip inspect name fastethernet_0_0 tcp

ip audit notify log

ip audit po max-events 100

no ip dhcp-client network-discovery

!

!

!

interface FastEthernet0/0

ip address 206.159.159.234 255.255.255.248

ip access-group 101 in

ip nat outside

ip nbar protocol-discovery

ip inspect fastethernet_0_0 in

speed 100

full-duplex

!

interface FastEthernet0/1

ip address 192.200.200.1 255.255.255.0

ip access-group 102 in

ip nat inside

ip nbar protocol-discovery

ip inspect fastethernet_0_1 in

duplex auto

speed auto

!

interface Ethernet1/0

ip address 10.0.0.1 255.255.255.0

ip access-group 103 in

ip nat inside

ip nbar protocol-discovery

ip inspect ethernet_0 in

no keepalive

half-duplex

!

ip nat inside source list 1 interface FastEthernet0/0 overload

ip nat inside source static 10.0.0.2 206.159.159.235

ip classless

ip route 0.0.0.0 0.0.0.0 206.159.159.233

ip http server

ip http port 3645

!

access-list 1 permit 192.200.200.0 0.0.0.255

access-list 101 permit tcp any host 206.159.159.235 eq smtp

access-list 101 permit tcp any host 206.159.159.235 eq www

access-list 101 permit tcp any host 206.159.159.235 eq domain

access-list 101 permit tcp any host 206.159.159.235 eq pop3

access-list 101 permit udp any host 206.159.159.235 eq domain

access-list 101 permit tcp any host 206.159.159.235 eq 10000

access-list 101 permit tcp any any established

access-list 102 permit ip any any

access-list 103 permit ip any any

!

line con 0

exec-timeout 0 0

transport input none

line aux 0

line vty 0 4


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Mon, 08/26/2002 - 07:16
User Badges:
  • Cisco Employee,

duplicate question. We'll continue the other thread and stop this one.

Actions

This Discussion