Hi.
i'm assuming your client network is 10.2.8.0 (from the route on that client lan)?
in that case, your nat statement has:
ip nat inside source list LanPermit interface FastEthernet0/1/0 overload
so you are only natting traffic matching LanPermit acl.
this acl has:
ip access-list extended LanPermit
permit ip object-group Supreme any
deny ip any any log-input
so you are only allowing to nat traffic coming from Supreme object-group going anywhere.
the object-group has:
object-group network Supreme
host 10.2.0.9
host 10.2.0.6
host 10.1.0.6
host 10.1.0.9
host 10.3.0.6
host 10.3.0.9
host 10.3.0.5
host 10.3.0.4
host 10.3.0.8
host 4.4.4.2
host 4.4.4.1
So basically only the hosts in the above object-group are allowed to be NATed, the rest as they don't match the LanPermit acl used by nat will not be Nated. and that explains why your client hosts fail when going to the internet as they are not NATed.
if i'm mistaken about the client location network(s), please indicate the addresses, and over which interface name does it come over.
Regards,
Fadi.