Thanks guys the running-config is below.

Current configuration : 913 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

ip address 192.168.1.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 68.67.85.80 255.0.0.0

ip nat outside

duplex auto

speed auto

ipv6 ospf cost 1

!

interface Serial2/0

no ip address

shutdown

!

interface Serial3/0

no ip address

shutdown

!

interface FastEthernet4/0

no ip address

shutdown

!

interface FastEthernet5/0

no ip address

shutdown

!

ip nat inside source static 192.168.1.101 68.67.85.80

ip nat inside source static 192.168.1.102 68.67.85.81

ip nat inside source static 192.168.1.103 68.67.85.82

ip nat inside source static 192.168.1.104 68.67.85.83

ip classless

!

!

!

!

!

!

!

line con 0

!

line aux 0

!

line vty 0 4

login

!

!

!

end

Your config is missing the default-route to the provicer-gateway. And the subnet-mask on the WAN-interface is wrong.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

I tried that to with no luck. Does anyone know a support company I can pay per hour to work this out with me over the phone.

Thanks,

Andrew

Andrew,

I'm not sure you'll need to hire someone. This config is pretty basic. First of all, you probably can't get out to the internet because of the reasons Karsten stated. You do need a default route in your config and the mask, according to your diagram, is incorrect on the interface. Those definitely need to be fixed before we can complete the other config. You said that you changed it; can you post your updated config?

HTH,
John

*** Please rate all useful posts ***

Andrew

Don't know a support company but you definitely going to need the default route as Karsten pointed out.

interface FastEthernet1/0

ip address 68.67.85.80 255.0.0.0

ip nat outside

duplex auto

speed auto

ipv6 ospf cost 1

Is the address meant to be 80 because your diagram shows that IP being used for a NAT. You can do both but is it right ?

Anyway change the IP to it's proper mask -

int fa1/0

ip address 68.67.85.x 255.255.255.248

add this route -

ip route 0.0.0.0 0.0.0.0 68.67.85.79

then -

1) from the router can you ping the next hop ie. 68.67.85.79 ?

2) If yes to 1) how are you trying to connect to the server ?

Your config, if you make the above changes looks fine so it could be something else.

Do the servers have their default gateway set 192.168.1.1 ?

Jon

Now I am getting a "The connection has timed out" error when i go to the public IP address in the browser. I think this possibly fixed the issue. The server has a clean OS installed and doesn’t have a Apache installed. I can install Apache because the server in unable to connect to the internet. is there something I need to add to the config to do outbound request from my server.

I already changed the server to use a static ip (192.168.1.100), this works fine. I also set the server gateway to 192.168.1.1 and name-servers to:

nameserver 8.8.8.8

nameserver 8.8.4.4

nameserver 192.168.1.1

I appreciate everyone that has helped me on this.

Andrew,

For outbound traffic, including being able to browse the internet, you need another nat statement and an acl:

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

ip nat inside source list 100 interfac fa4 overload

The dns entries that you put in the router only affect when the router is doing a lookup, for example, pinging from the cli. You will need dns entries on the servers though, and you can use Google's nameservers if you wanted.

HTH,
John

*** Please rate all useful posts ***