12-03-2012 05:29 PM - edited 03-07-2019 10:22 AM
Hey guys, sorry I'm an Cisco newbie. I configured this router based on random articles I found on the internet. Not suprisingly it didnt work when I connected it, I was able to get CCP connected and I tried disabling the firewall functions (wasnt sure if it was the problem or not?) I can ping google from the CLI but cannot ping it from a PC. The PC pulls an ip from the pool, has a DNS server but wont ping external IP's or websites. Thanks for any help guys!
Using 5953 out of 262136 bytes
!
! Last configuration change at 05:51:31 Tehran Tue Dec 4 2012 by
dammann
! NVRAM config last updated at 05:51:58 Tehran Tue Dec 4 2012 by
dammann
!
version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Cisco881
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 10 log
security passwords min-length 6
logging buffered 4096
logging console critical
enable secret 5 ###
enable password 7 ###
!
aaa new-model
!
!
aaa authentication login local_auth local
!
!
!
!
!
aaa session-id common
!
!
!
memory-size iomem 10
clock timezone Tehran 3 30
clock summer-time Tehran date Mar 22 2003 12:00 Sep 22 2003
12:00
!
crypto pki trustpoint TP-self-signed-1327196023
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1327196023
revocation-check none
rsakeypair TP-self-signed-1327196023
!
!
crypto pki certificate chain TP-self-signed-1327196023
certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
no ip source-route
no ip gratuitous-arps
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp excluded-address 192.168.1.100 192.168.1.254
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool default
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 8.8.4.4
lease 0 12
!
!
ip cef
no ip bootp server
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip inspect audit-trail
ip inspect udp idle-time 1800
ip inspect dns-timeout 7
ip inspect tcp idle-time 14400
login block-for 3 attempts 3 within 120
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO881-SEC-K9 sn FCZ162990VQ
!
!
archive
log config
logging enable
username dammann privilege 15 secret 5 $1$CYiw
$FM4T13I3fx2nx6Aw1KmGV.
!
!
ip ssh time-out 60
ip ssh authentication-retries 2
!
class-map match-all http
match protocol http
class-map match-any p2p
match protocol bittorrent
match protocol edonkey
match protocol fasttrack
match protocol gnutella
match protocol kazaa2
class-map match-all skype
match protocol skype
!
!
policy-map shape
class http
shape average 4000000 50000
class skype
bandwidth percent 30
class p2p
police rate 128000
conform-action transmit
exceed-action drop
violate-action drop
!
!
!
!
!
!
!
!
interface FastEthernet0
!
service-policy output shape
!
interface FastEthernet1
spanning-tree portfast
!
!
interface FastEthernet2
!
!
interface FastEthernet3
!
!
interface FastEthernet4
description WAN Fe4$ETH-WAN$
ip address dhcp client-id FastEthernet4
no ip redirects
no ip unreachables
no ip proxy-arp
ip verify unicast source reachable-via rx allow-default 100
ip nat outside
ip virtual-reassembly
duplex half
speed auto
!
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
logging trap debugging
logging facility local2
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit 192.168.1.0 0.0.0.255
access-list 100 permit udp any any eq bootpc
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
^C
banner login ^C
^C
banner motd ^C^C
!
line con 0
exec-timeout 5 0
login authentication local_auth
no modem enable
transport output telnet
line aux 0
exec-timeout 15 0
login authentication local_auth
transport output telnet
line vty 0 4
access-class 23 in
privilege level 15
password 7 045E0A151635435C0C14001A100E1E
login authentication local_auth
transport input telnet ssh
!
scheduler max-task-time 5000
end
12-03-2012 05:33 PM
Hi
U are missing the ip nat inside source list 23 interface fast4 overload
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide