Re: Trouble getting to www with my Cisco 831 and Cisco Pix 501

jtaylor · ‎04-27-2004

My current configurations are as follows,

Cisco 831 configs

Cisco831>en

Password:

Cisco831#show running

Cisco831#show running-config

Building configuration...

Current configuration : 1443 bytes

!

version 12.3

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname xxxx

!

enable secret xxxx

enable password xxxx

!

username xxxx privilege 15 password xxx

no aaa new-model

ip subnet-zero

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool CLIENT

import all

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

lease 0 2

!

ip audit notify log

ip audit po max-events 100

ip ssh break-string

no ftp-server write-enable

!

interface Ethernet0

ip address 10.10.10.1 255.255.255.0

ip nat inside

load-interval 30

no cdp enable

hold-queue 32 in

hold-queue 100 out

!

interface Ethernet1

ip address dhcp client-id Ethernet1

ip nat outside

load-interval 30

no cdp enable

!

ip nat inside source list 102 interface Ethernet1 overload

ip classless

ip http server

no ip http secure-server

!

access-list 23 permit 10.10.10.0 0.0.0.255

access-list 102 permit ip 10.10.10.0 0.0.0.255 any

!

line con 0

exec-timeout 120 0

no modem enable

transport preferred all

transport output all

stopbits 1

line aux 0

transport preferred all

transport output all

stopbits 1

line vty 0 4

access-class 23 in

exec-timeout 120 0

login local

length 0

transport preferred all

transport input all

transport output all

!

scheduler max-task-time 5000

!

end

PIX 501 Configs are listed below.

PIX501# show run

: Saved

:

PIX Version 6.3(1)

interface ethernet0 auto

interface ethernet1 100full

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password xxx encrypted

passwd xxxx encrypted

hostname PIX501

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol ils 389

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol smtp 25

fixup protocol sqlnet 1521

names

pager lines 24

mtu outside 1500

mtu inside 1500

ip address outside 10.10.10.2 255.255.255.0

ip address inside 192.168.1.1 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

pdm logging informational 100

pdm history enable

arp timeout 14400

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

timeout xlate 0:05:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

http server enable

http 192.168.1.0 255.255.255.0 inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address 192.168.1.2-192.168.1.33 inside

dhcpd lease 3600

dhcpd ping_timeout 750

dhcpd auto_config outside

dhcpd enable inside

terminal width 80

Cryptochecksum:xxxx

: end

Georg Pauwen · ‎04-28-2004

Hello,

on your 831 I do not see a default route. Can you add:

ip route 0.0.0.0 0.0.0.0 10.10.10.2

and see what happens ?

Regards,

GP

jtaylor · ‎04-28-2004

GP,

Thanks for taking a look at this, i'll add the route and let you know how it goes..

Thanks Again,

JT