Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
409
Views
0
Helpful
1
Replies

ADSL routing

kelvinboar
Level 1
Level 1

‎11-01-2011 02:42 AM - edited ‎03-04-2019 02:07 PM

Hi guys

I'm trying to configure a new ADSL wic on our 2800 router & for some reason i can't get the internal network to connect to the internet. I can ping from the router fine? Can anyone see what i'm missing?


Building configuration...

Current configuration : 7519 bytes
!
! Last configuration change at 09:34:55 UTC Tue Nov 1 2011 by pivtech
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ADSL_RT01
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
no network-clock-participate wic 1
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
ip domain name
ip name-server 203.0.178.191
ip name-server 203.215.229.191
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-65807395
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-65807395
revocation-check none
rsakeypair TP-self-signed-65807395
!
!
crypto pki certificate chain TP-self-signed-65807395
certificate self-signed 01
  30820227 30820190 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 36353830 37333935 301E170D 31313130 32373033 31383034
  5A170D32 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
  2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D363538 30373339
  3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B3A7
  C1CDDF83 CC5BE319 C9BF393B 9CCE09DC 745E0210 8A99FC0D 483A77DB 59D3DD60
  E1082185 FFC51517 3B5EFD7B 56F59C07 DD3313E7 5CFA99F4 FE234A27 B358EFDF
  BCA72253 3BC062EF 91C297FD 0A9CD25B 8C1C3851 A454A0FE 9D164DDE B687050F
  5A557D27 0646BD12 58FBACAB ACB1893C 24AAC5CE A6BC14FA 3E37C5FE 21AD0203
  010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304
  18301680 14385DE1 4B7C1D5D 61B4D5C9 C3ADFCD4 1E2919BC 9F301D06 03551D0E
  04160414 385DE14B 7C1D5D61 B4D5C9C3 ADFCD41E 2919BC9F 300D0609 2A864886
  F70D0101 05050003 81810023 CCA5746D 490CB1D8 C13C7166 F0A598A9 61365CF9
  1C167895 E8534360 9CE68A90 2A065805 CAF2DDCC 05C5B161 38B2675D 600C59F1
  3638C4F5 DB466AE8 DC02F45F A789B1BD AFD84D7E 60E83AD8 A5B3BEC2 98008FA4
  981BFB1D E37450D0 92267966 639DCAB9 EC9AAE28 73CDA9D3 5F04A2EF C28466D0
  06933477 EEF6E5C4 4A2102
  quit
!
!
license udi pid CISCO2801 sn FHK1018F2FV
username
!
redundancy
!
!
controller E1 0/1/0
!
controller E1 0/1/1
!
!
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
!
!
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
  inspect
class class-default
  pass
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
  drop log
class type inspect ccp-protocol-http
  inspect
class type inspect ccp-insp-traffic
  inspect
class type inspect ccp-sip-inspect
  inspect
class type inspect ccp-h323-inspect
  inspect
class type inspect ccp-h323annexe-inspect
  inspect
class type inspect ccp-h225ras-inspect
  inspect
class type inspect ccp-h323nxg-inspect
  inspect
class type inspect ccp-skinny-inspect
  inspect
class class-default
  drop
policy-map type inspect ccp-permit
class class-default
  drop
policy-map type inspect ccp-pol-outToIn
class type inspect CCP_PPTP
  pass
class class-default
  drop log
!
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-zone-To-in-zone source out-zone destination in-zone
service-policy type inspect ccp-pol-outToIn
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
!
!
crypto isakmp policy 5
encr 3des
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp key xxx address 71.30.126.98
crypto isakmp key xxx address 216.219.19.250 no-xauth
crypto isakmp identity dn
crypto isakmp keepalive 60
!
!
!
crypto map PIVOD 10 ipsec-isakmp
! Incomplete
set peer 216.219.19.250
set pfs group2
match address PerO_to_AtlO
crypto map PIVOD 20 ipsec-isakmp
! Incomplete
set peer 71.30.126.98
set pfs group2
match address PerO_to_ChaO
!
!
!
!
!
interface Loopback1
description $FW_OUTSIDE$
ip address 203.59.48.236 255.255.255.255
zone-member security out-zone
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description $FW_INSIDE$
ip address 10.64.8.253 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
ip tcp adjust-mss 1412
duplex auto
speed auto
!
interface ATM0/3/0
no ip address
no atm ilmi-keepalive
!
interface ATM0/3/0.1 point-to-point
pvc 8/35
  pppoe-client dial-pool-number 1
!
!
interface Dialer0
description $FW_OUTSIDE$
ip unnumbered Loopback1
ip mtu 1452
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username
crypto map
!
ip default-gateway 10.64.8.253
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.64.10.38 443 203.59.225.76 443 extendable
ip nat inside source static tcp 10.64.9.240 443 203.59.225.77 443 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.64.8.0 255.255.248.0 10.64.8.254
!
ip access-list extended PerO_to_AtlO
ip access-list extended PerO_to_ChaO
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
!
logging esm config
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.64.8.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip host 203.59.48.236 any
dialer-list 1 protocol ip permit
disable-eadi
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
login local
transport input ssh
!
scheduler allocate 20000 1000
end

Thanks in advance

Kelvin

Labels:
0 Helpful
1 Reply 1

kelvinboar
Level 1
Level 1

‎11-01-2011 07:37 PM

Anyone?????

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card