Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3212
Views
4
Helpful
15
Replies

Firewall+NAT problems

volkeningheim
Level 1
Level 1

‎01-31-2013 04:03 AM - edited ‎03-07-2019 11:25 AM

Hi,

I run Cisco 861 to connect a small LAN to the Internet. The router provides DHCP and DNS to the local users and does NAT to map to one public IP. To secure the router I followed the steps given at

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a008009445f.shtml

However, I encounter two problems now:

1) When I bind an access-list to the inside-interface, DHCP stops functioning. For the beginning, the access-list is very permissive:

access-list 102 permit tcp 192.168.43.0 0.0.0.255 any

access-list 102 permit udp 192.168.43.0 0.0.0.255 any

access-list 102 permit icmp 192.168.43.0 0.0.0.255 any

access-list 102 permit ip 192.168.43.0 0.0.0.255 any

Additionally, for the firewall to work, the interface is inspecting packets that are coming in:

ip inspect name firewall http timeout 3600

ip inspect name firewall tcp timeout 3600

ip inspect name firewall udp timeout 15

2) When I now bind an access-list to the outside-interface, communication to the internet is totally blocked:

access-list 112 permit icmp any any

access-list 112 deny   ip any any log

See the appended config for full details. Without the access-lists, the setup works perfectly.

Which part am I doing wrong? Any help is appreciated,

Benjamin

Labels:
142409-firewall.conf.zip
0 Helpful
15 Replies 15

volkeningheim
Level 1
Level 1
In response to Henrik Grankvist

‎02-07-2013 06:22 AM

Hello,

thanks for this idea. I tried

interface FastEthernet4

ip inspect firewall in

ip inspect firewall out

but it's still the same issue. The router itself has no access to the internet.

0 Helpful
Customers Also Viewed These Support Documents