after IOS upgrade internal machines can not get to the internet
I upgrade the IOS on my cisco 837 router to use the IDS function and after completing machines from the inside can not go to the internet. from the router I can ping out to the internet. can anyone see anything in this config that would be preventing it working?
no service pad
service timestamps debug datetime msec show-timezone
service timestamps log datetime msec show-timezone
boot system flash c837-k9o3sy6-mz.124-17.bin
logging buffered 16000 debugging
enable secret xxxxxxxxxx
no aaa new-model
clock timezone GMT 0
clock summer-time GMT recurring last Sun Mar 1:00 last Sun Oct 1:00
no ip gratuitous-arps
no ip domain lookup
ip name-server 220.127.116.11
no ip bootp server
ip inspect max-incomplete low 10
ip inspect max-incomplete high 20
ip inspect one-minute low 10
ip inspect one-minute high 20
ip inspect udp idle-time 15
ip inspect tcp idle-time 1800
ip inspect tcp finwait-time 1
ip inspect tcp synwait-time 10
ip inspect name MYFW udp alert on audit-trail on
ip inspect name MYFW tcp alert on audit-trail on
username user password xxxxxxxxx
ip ssh time-out 60
ip ssh authentication-retries 2
ip address x.x.x.x(public address) 255.255.255.248
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...