Announcement

Collapse
No announcement yet.

ACL Problems

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ACL Problems

    Hi guys,

    I'm a newbe with Cisco and I need your advice and help, please. Here is the config on my router:

    ip ips sdf location flash://128MB.sdf
    ip ips notify SDEE
    ip ips name sdm_ips_rule_101 list 101
    no ip domain lookup
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface FastEthernet0/0
    description LAN Connection
    ip address 192.168.8.10 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    description WAN Connection
    ip address 208.165.199.94 255.255.255.252
    ip access-group 101 in
    ip ips sdm_ips_rule_101 in
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 208.165.199.93
    !
    no ip http server
    no ip http secure-server
    ip nat pool Test 208.165.197.147 208.165.197.150 netmask 255.255.255.248
    ip nat inside source list 1 pool Test overload
    ip nat inside source static 192.168.8.2 208.165.197.145 extendable
    ip nat inside source static 192.168.8.4 208.165.197.146 extendable
    !
    access-list 1 permit 192.168.8.0 0.0.0.255
    access-list 101 permit tcp any host 208.165.197.145 eq 443
    access-list 101 permit tcp any host 208.165.197.145 eq 1494
    access-list 101 permit tcp any host 208.165.197.145 eq 2513
    access-list 101 permit tcp any host 208.165.197.145 eq 2598
    access-list 101 permit tcp any host 208.165.197.146 eq 443
    access-list 101 permit tcp any host 208.165.197.146 eq smtp
    access-list 101 permit tcp any host 208.165.197.146 eq 995
    access-list 101 permit tcp any host 208.165.197.146 eq 993

    Everything works fine except I cannot get out on the internet .What do I do wrong?
    Thank you.
    Regards,

    PS: The ip's are not the real ones, it's just from school lab.

  • #2
    Re: ACL Problems

    Your config looks pretty good- did you use SDM to generate this, btw?

    Have you checked things such as:
    -is the next hop live and responding to pings? (208.165.199.93 in your config)
    -have you got correct dns resolution for the internet host you want to access?

    What exactly do you get or fail to get? Web browser 'times out'?

    theterranaut

    Comment


    • #3
      Re: ACL Problems

      Hi,

      Thanx for the replay. No, I didn't config the router through SDM. Yes, the problem was I couldn't ping 208.165.199.93 (ISP router) so I couldn't go out on the internet. I solved the problem though, this time through SDM . Sorry but I cannot post the config.
      Regards,

      Comment

      Working...
      X