Hi, the adsl router does a simple NAT from the WAN ip to LAN ip 10.0.0.2. All packets then goto our firewall. I know IP TCP/UDP is being forwarded ok, but could someone kindly check the access list and confirm all IP packets are being forwaded as i wish to allow GRE tunnel (IP protocol 47) packets through also. Config below:
ip address 10.0.0.2 255.255.255.0
ip nat inside
ip address negotiated
ip nat outside
ip route 0.0.0.0 0.0.0.0 Dialer0
ip nat inside source static 10.0.0.1 interface Dialer0
access-list 110 permit ip 10.0.0.0 0.0.0.255 any
dialer-list 10 protocol ip permit
Access lists can be applied either In or OUT of an interface using ip access-group command.
ip access-group 110
check this URL to get more information.
ACL is used to filter traffic, but ACL 110 is permitting everything so it is as good as using no ACL.
HTH, rate if it does ...