Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2112
Views
0
Helpful
15
Replies

iMac and 2800 router problems

rutegg
Level 1
Level 1

‎03-12-2010 11:39 AM - edited ‎03-06-2019 10:07 AM

I have a 2800 router that works just fine with about 50 PCs and 1 other Mac. When I connect the new iMac 27" to my network I can't get to the internet. It shows all the correct addresses and can see everything on my LAN, but can't see out past the router. If I put a cheap netgear router between the iMac and the 2800 and double NAT, I can get to the internet. What could be wrong with the router, or iMac? Could there be a firmware update for the router? All of the updates for the iMac have been applied, and it's running 10.2.6. Any ideas? Thanks.

Labels:
0 Helpful
15 Replies 15

rutegg
Level 1
Level 1
In response to andrewswanson

‎03-22-2010 08:54 AM

Current configuration : 5992 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname UGL_ROUTER
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
ip inspect name Internet tcp
ip inspect name Internet udp
ip inspect name Internet cuseeme
ip inspect name Internet ftp
ip inspect name Internet h323
ip inspect name Internet rcmd
ip inspect name Internet realaudio
ip inspect name Internet streamworks
ip inspect name Internet vdolive
ip inspect name Internet sqlnet
ip inspect name Internet tftp
ip inspect name Internet http java-list 90
no ip dhcp use vrf connected
!
!
no ip ips deny-action ips-interface
no ip domain lookup
ip domain name yourdomain.com
ip name-server 129.250.35.250
!
!
!
crypto pki trustpoint TP-self-signed-2927018261
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2927018261
revocation-check none
rsakeypair TP-self-signed-2927018261
!
!
!
!
crypto isakmp policy 1
hash md5
authentication pre-share
crypto isakmp key xpnts.1999 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set TRANSFORM esp-des esp-md5-hmac
!
crypto dynamic-map DYNAMAP 10
set transform-set TRANSFORM
match address 115
!
!
crypto map CRYPTOMAP 10 ipsec-isakmp dynamic DYNAMAP
!
!
!
interface FastEthernet0/0
ip address 24.38.10.66 255.255.255.192
ip access-group 104 in
ip inspect Internet out
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map CRYPTOMAP
!
interface FastEthernet0/1
ip address 192.168.1.201 255.255.255.0 secondary
ip address 192.168.1.221 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip local pool VPNPOOL 192.168.200.1 192.168.200.50
ip classless
ip route 0.0.0.0 0.0.0.0 24.38.10.65
!
no ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source route-map NONAT interface FastEthernet0/0 overload
ip nat inside source static 192.168.1.7 24.38.10.69
ip nat inside source static tcp 192.168.1.225 20 24.38.10.70 20 extendable
ip nat inside source static tcp 192.168.1.225 21 24.38.10.70 21 extendable
ip nat inside source static tcp 192.168.1.222 1723 24.38.10.70 1723 extendable
ip nat inside source static 192.168.1.2 24.38.10.74
!
access-list 90 permit any
access-list 101 deny   ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 104 permit ahp any any
access-list 104 permit esp any any
access-list 104 permit udp any any eq isakmp
access-list 104 permit gre any any
access-list 104 remark Allow for Return of ICMP Packets
access-list 104 permit icmp any any
access-list 104 remark Allow VPN Traffic
access-list 104 permit ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 104 permit tcp any host 24.38.10.69 eq 9080
access-list 104 permit tcp any host 24.38.10.74 eq smtp
access-list 104 permit tcp any host 24.38.10.70 eq ftp
access-list 104 permit tcp any host 24.38.10.70 eq 1723
access-list 104 permit tcp any host 24.38.10.74 eq pop3
access-list 115 permit ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 115 permit ip 192.168.1.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 115 deny   ip 192.168.1.0 0.0.0.255 any
access-list 120 deny   ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 120 deny   ip 192.168.1.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 120 permit ip 192.168.1.0 0.0.0.255 any
route-map NONAT permit 10
match ip address 120
!
!
!
control-plane
!
!
banner motd ^CC

****************************************************************************
* This is a private computer/communication facility. Access to it for any  *
* reason must be specifically authorized.   System personnel will/may      *
* monitor for unauthorized activity.  Anyone using this system expressly   *
* consents to such monitoring.  Your continued access, if unauthorized,    *
* may result in criminal and/or civil proceedings.                         *
****************************************************************************
^C
!
scheduler allocate 20000 1000
!
end

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card