hello, 

i'm trying to setup basic firewall using cisco configuration professional after configuring router using terminal.

After I run "create firewall wizard" and apply rules, inside clients cannot browse internet  (from router I can ping outside).

Can anyone help me?

Config:

attached txt

Firewall configuration summary:

Inside(trusted) Interfaces:
FastEthernet0/1 (192.168.10.254)

Outside(untrusted) Interface:
Dialer1 {FastEthernet0/0} (Easy IP)

Service Policy Configuration:

In-zone -> Out-zone:
Inspect TCP,UDP,H323,SIP,SCCP and other protocols
Deny packets with invalid ip address as source

Self -> Out-zone:
Inspect router generated ICMP traffic

Out-zone -> Self:
Deny all other traffic.

Commands delivered after finishing wizard:

access-list 101 remark CCP_ACL Category=128
access-list 101 permit ip host 255.255.255.255 any
access-list 101 permit ip 127.0.0.0 0.255.255.255 any
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
exit
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
exit
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
exit
class-map type inspect match-all ccp-protocol-http
match protocol http
exit
class-map type inspect match-all ccp-invalid-src
match access-group 101
exit
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp extended
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
exit
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
exit
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
exit
class-map type inspect match-any ccp-h323-inspect
match protocol h323
exit
class-map type inspect match-any ccp-sip-inspect
match protocol sip
exit
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
exit
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
exit
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
no drop
inspect
exit
class class-default
no drop
pass
exit
exit
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
exit
class type inspect ccp-protocol-http
no drop
inspect
exit
class type inspect ccp-insp-traffic
no drop
inspect
exit
class type inspect ccp-sip-inspect
no drop
inspect
exit
class type inspect ccp-h323-inspect
no drop
inspect
exit
class type inspect ccp-h323annexe-inspect
no drop
inspect
exit
class type inspect ccp-h225ras-inspect
no drop
inspect
exit
class type inspect ccp-h323nxg-inspect
no drop
inspect
exit
class type inspect ccp-skinny-inspect
no drop
inspect
exit
exit
policy-map type inspect ccp-permit
class class-default
exit
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
exit
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
exit
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
exit
interface Dialer1
description HT$FW_OUTSIDE$
zone-member security out-zone
exit
interface FastEthernet0/1
description LAN$FW_INSIDE$
zone-member security in-zone
exit

After finishing wizard I cannot browse internet from inside.

Thanks.