1) The following doesn't make sense. That access-list 100 is applied inbound from the internet. It says to allow icmp from any to any (probably not a good idea). More importantly it says to allow packets with a source address of 10.1.0.0 0.0.255.255 to any IP address. From the internet the source addresses would not be these.
ip address 184.108.40.206 255.255.255.248
ip access-group DEFAULT100 in
ip nat outside
access-list 100 permit ip 10.1.0.0 0.0.255.255 any
access-list 100 permit icmp any any
2) ip route 220.127.116.11 255.0.0.0 18.104.22.168
Change this to
ip route 0.0.0.0 0.0.0.0 22.214.171.124
route-map SRV_OUT permit 10
match ip address 150
route-map NAT_OUT permit 10
match ip address 100
These don't seem to be used anywhere.
4) You have not setup nat properly. Do you just want to NAT all inside hosts to the public IP on the gi0/0 interface ?
If so you can use your access-list 100 here.
ip nat inside source list 100 interface gi0/0 overload
I think I made all the changes you suggested (I'm new to this). I've re-attached config, but still can't ping routers external address from the outside, nor can I ping to the Internet using router as default gateway. What am I missing?
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...