MecenaMemberOct 12, 2006 at 11:51 am #116620
I’m a newbe with Cisco and I need your advice and help, please. Here is the config on my router:
ip ips sdf location flash://128MB.sdf
ip ips notify SDEE
ip ips name sdm_ips_rule_101 list 101
no ip domain lookup
description LAN Connection
ip address 192.168.8.10 255.255.255.0
ip nat inside
description WAN Connection
ip address 184.108.40.206 255.255.255.252
ip access-group 101 in
ip ips sdm_ips_rule_101 in
ip nat outside
ip route 0.0.0.0 0.0.0.0 220.127.116.11
no ip http server
no ip http secure-server
ip nat pool Test 18.104.22.168 22.214.171.124 netmask 255.255.255.248
ip nat inside source list 1 pool Test overload
ip nat inside source static 192.168.8.2 126.96.36.199 extendable
ip nat inside source static 192.168.8.4 188.8.131.52 extendable
access-list 1 permit 192.168.8.0 0.0.0.255
access-list 101 permit tcp any host 184.108.40.206 eq 443
access-list 101 permit tcp any host 220.127.116.11 eq 1494
access-list 101 permit tcp any host 18.104.22.168 eq 2513
access-list 101 permit tcp any host 22.214.171.124 eq 2598
access-list 101 permit tcp any host 126.96.36.199 eq 443
access-list 101 permit tcp any host 188.8.131.52 eq smtp
access-list 101 permit tcp any host 184.108.40.206 eq 995
access-list 101 permit tcp any host 220.127.116.11 eq 993
Everything works fine:) except I cannot get out on the internet :(.What do I do wrong?
PS: The ip’s are not the real ones, it’s just from school lab.
theterranautMemberOct 13, 2006 at 1:42 am #285786
Re: ACL Problems
Your config looks pretty good- did you use SDM to generate this, btw?
Have you checked things such as:
-is the next hop live and responding to pings? (18.104.22.168 in your config)
-have you got correct dns resolution for the internet host you want to access?
What exactly do you get or fail to get? Web browser ‘times out’?
Florin RobeteMemberOct 13, 2006 at 8:28 am #277308
Re: ACL Problems
Thanx for the replay. No, I didn’t config the router through SDM. Yes, the problem was I couldn’t ping 22.214.171.124 (ISP router) so I couldn’t go out on the internet. I solved the problem though, this time through SDM :). Sorry but I cannot post the config.
You must be logged in to reply to this topic.