NAT translation not working after removing and adding ACL

mahesh18

Hi Everyone,

I removed and added an ACL on the router:

access-list 101 permit ip 192.168.0.0 0.0.255.255 any

After doing this I can ping the Internet sites from the router but not from my internal network.

I checked sh ip nat trans; it is empty.

Here is the config of the router:

2691Router#sh run

2691Router#sh running-config

Building configuration...

Current configuration : 9488 bytes

!

! Last configuration change at 11:58:43 MST Sat Jan 19 2013

! NVRAM config last updated at 19:50:43 MST Thu Jan 17 2013

!

version 12.4

service nagle

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service internal

!

hostname 2691Router

!

boot-start-marker

boot-end-marker

!

no logging exception

logging count

logging buffered 4096 informational

no logging console

!

no aaa new-model

clock timezone MST -7

clock summer-time MST recurring

no network-clock-participate slot 1

no ip icmp rate-limit unreachable

ip cef

!

!

!

!

ip host 3550SMIA 192.168.5.2

ip host 3550SMIB 192.168.10.2

ip host 2950T 192.168.10.5

ip host 2650XM 192.168.4.3

ip name-server 64.59.144.18

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

login on-failure log

login on-success log

!

ipv6 unicast-routing

!

!

!

!

!

!

!

!

!

!

!

!

!

!

archive

log config

  hidekeys

path slot0:/configs/$h

write-memory

time-period 1440

!

!

ip tcp synwait-time 5

ip ssh port 2009 rotary 1

!

!

buffers tune automatic

!

!

!

interface Loopback2

description IBGP neighbour to Router 3550B

ip address 2.2.2.2 255.255.255.0

!

interface Loopback3

description IBGP neighbour to Router R4

ip address 3.3.3.3 255.255.255.0

!

interface Loopback4

ip address 4.4.4.4 255.255.255.0

!

interface Loopback6

description Tunnel0 Source IP

ip address 10.0.0.1 255.255.255.255

!

interface Loopback7

description LAN SEGMENT OF 2691

ip address 100.100.100.100 255.255.255.255

!

interface Loopback8

description LAN SEGMENT OF 2691

ip address 101.101.101.101 255.255.255.255

!

interface Loopback33

description IPV6 OSPF LAB

no ip address

ipv6 address FEC0:4::4/64

ipv6 enable

ipv6 ospf 110 area 100

!

interface Loopback133

description IPV6 OSPF LAB

no ip address

ipv6 address FEC0:1::1/64

ipv6 enable

ipv6 ospf 100 area 101

!

interface Tunnel0

description description GRE EIGRP TUNNEL TO R3

ip address 13.13.13.1 255.255.255.0

keepalive 10 3

cdp enable

tunnel source 192.168.5.3

tunnel destination 192.168.4.3

tunnel path-mtu-discovery

!

interface FastEthernet0/0

description WAN Connection to ISP modem

ip address dhcp

no ip redirects

no ip unreachables

ip accounting output-packets

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0

description Serial connection to 2650 on interface se/0/0

ip address 192.168.1.1 255.255.255.0

encapsulation frame-relay

ip ospf network point-to-multipoint

no keepalive

!

interface FastEthernet0/1

description Lan Connection to 3550A Switch

ip address 192.168.5.3 255.255.255.254

ip flow ingress

ip nat inside

ip virtual-reassembly

ip ospf hello-interval 40

ip ospf priority 10

duplex auto

speed auto

!

interface FastEthernet1/0

description Lan Connection to 3550B Switch

ip address 192.168.6.3 255.255.255.254

ip flow ingress

ip nat inside

ip virtual-reassembly

ip ospf authentication

ip ospf authentication-key 7 05080F1C2243

ip ospf hello-interval 40

ip ospf priority 10

duplex auto

speed auto

!

interface Serial1/0

description Serial connection to 2650 on interface se0/1

ip address 192.168.2.1 255.255.255.0

no keepalive

serial restart-delay 0

!

interface FastEthernet1/1

description Backup Connection to 3550B Switch interface fa0/24

ip address 192.168.7.1 255.255.255.0

ip nat inside

ip virtual-reassembly

shutdown

duplex auto

speed auto

glbp 30 ip 192.168.7.3

glbp 30 preempt delay minimum 120

!

interface Serial1/1

ip address 192.168.9.3 255.255.255.0

encapsulation frame-relay

ip ospf network point-to-multipoint non-broadcast

no keepalive

serial restart-delay 0

frame-relay map ip 192.168.9.2 104 broadcast

!

router eigrp 100

redistribute connected

passive-interface Loopback7

passive-interface Loopback8

network 13.13.13.1 0.0.0.0

network 100.100.100.100 0.0.0.0

network 101.101.101.101 0.0.0.0

no auto-summary

!

router ospf 1

router-id 4.4.4.4

log-adjacency-changes

redistribute static metric 300 subnets

passive-interface Serial0/0

passive-interface Serial1/1

network 3.3.3.3 0.0.0.0 area 0

network 4.4.4.4 0.0.0.0 area 0

network 10.0.0.1 0.0.0.0 area 0

network 192.168.1.0 0.0.0.255 area 0

network 192.168.2.0 0.0.0.255 area 0

network 192.168.5.0 0.0.0.255 area 0

network 192.168.6.0 0.0.0.255 area 0

default-information originate

!

router bgp 6500

no synchronization

bgp log-neighbor-changes

neighbor 6.6.6.6 remote-as 6500

neighbor 6.6.6.6 password 7 020B05551D030A33

neighbor 6.6.6.6 update-source Loopback3

neighbor 100.100.100.100 remote-as 7500

neighbor 100.100.100.100 shutdown

neighbor 100.100.100.100 update-source Loopback2

no auto-summary

!

no ip classless

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 70.75.72.1

ip route 11.11.11.11 255.255.255.255 6.6.6.6

ip route 172.31.0.0 255.255.255.0 Null0

ip route 172.31.1.0 255.255.255.0 Null0

ip route 172.31.2.0 255.255.255.0 Null0

ip route 172.31.3.0 255.255.255.0 Null0

!

ip flow-export version 5

!

ip http server

ip http port 1025

ip http authentication local

no ip http secure-server

ip nat translation timeout 3600

ip nat inside source list 101 interface FastEthernet0/0 overload

!

logging trap debugging

logging 192.168.20.9

access-list 101 permit ip 192.168.0.0 0.0.255.255 any

snmp-server community supersecret RO

snmp-server community public RO

snmp-server trap-source FastEthernet0/1

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps vrrp

snmp-server enable traps ds1

snmp-server enable traps tty

snmp-server enable traps eigrp

snmp-server enable traps xgcp

snmp-server enable traps flash insertion removal

snmp-server enable traps ds3

snmp-server enable traps envmon

snmp-server enable traps icsudsu

snmp-server enable traps isdn call-information

snmp-server enable traps isdn layer2

snmp-server enable traps isdn chan-not-avail

snmp-server enable traps isdn ietf

snmp-server enable traps ds0-busyout

snmp-server enable traps ds1-loopback

snmp-server enable traps atm subif

snmp-server enable traps bgp

snmp-server enable traps bulkstat collection transfer

snmp-server enable traps cnpd

snmp-server enable traps config-copy

snmp-server enable traps config

snmp-server enable traps dial

snmp-server enable traps dsp card-status

snmp-server enable traps entity

snmp-server enable traps event-manager

snmp-server enable traps frame-relay

snmp-server enable traps frame-relay subif

snmp-server enable traps hsrp

snmp-server enable traps ipmobile

snmp-server enable traps ipmulticast

snmp-server enable traps mpls ldp

snmp-server enable traps mpls traffic-eng

snmp-server enable traps mpls vpn

snmp-server enable traps msdp

snmp-server enable traps mvpn

snmp-server enable traps ospf state-change

snmp-server enable traps ospf errors

snmp-server enable traps ospf retransmit

snmp-server enable traps ospf lsa

snmp-server enable traps ospf cisco-specific state-change nssa-trans-change

snmp-server enable traps ospf cisco-specific state-change shamlink interface-old

snmp-server enable traps ospf cisco-specific state-change shamlink neighbor

snmp-server enable traps ospf cisco-specific errors

snmp-server enable traps ospf cisco-specific retransmit

snmp-server enable traps ospf cisco-specific lsa

snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message

snmp-server enable traps pppoe

snmp-server enable traps cpu threshold

snmp-server enable traps rsvp

snmp-server enable traps rtr

snmp-server enable traps syslog

snmp-server enable traps l2tun session

snmp-server enable traps vsimaster

snmp-server enable traps vtp

snmp-server enable traps isakmp policy add

snmp-server enable traps isakmp policy delete

snmp-server enable traps isakmp tunnel start

snmp-server enable traps isakmp tunnel stop

snmp-server enable traps ipsec cryptomap add

snmp-server enable traps ipsec cryptomap delete

snmp-server enable traps ipsec cryptomap attach

snmp-server enable traps ipsec cryptomap detach

snmp-server enable traps ipsec tunnel start

snmp-server enable traps ipsec tunnel stop

snmp-server enable traps ipsec too-many-sas

snmp-server enable traps voice poor-qov

snmp-server enable traps voice fallback

snmp-server enable traps dnis

snmp-server host 192.168.20.9 version 2c supersecret

ipv6 router ospf 110

log-adjacency-changes

!

ipv6 router ospf 100

log-adjacency-changes

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

banner motd ^CC

##########################################################

DO NOT LOG ON

##########################################################

^C

alias exec traffic sh ip nbar protocol-discovery  stats  bit-rate  top-n  10

alias exec proc show proc cpu | ex 0.00%__0.00%__0.00%

privilege exec level 5 show running-config

privilege exec level 5 show

!

line con 0

exec-timeout 3000 0

logging synchronous

line aux 0

exec-timeout 0 1

login

modem InOut

no exec

transport output none

flowcontrol hardware

line vty 0 4

exec-timeout 600 0

logging synchronous

login local

rotary 1

length 500

transport input telnet ssh

escape-character 3

line vty 5 15

exec-timeout 600 0

logging synchronous

login local

rotary 1

transport input telnet ssh

!

ntp logging

ntp clock-period 17180580

ntp server 91.103.24.10

!

Thanks

MAhesh


Reza Sharifi

Hi Mahesh,

This is strange. What are the users' (PCs') subnets? Is the user subnet a /24?

HTH

Reza

Hi Reza,

The issue is fixed.

I added the command

access-list 101 permit ip 192.168.0.0 0.0.255.255 any log

instead of

access-list 101 permit ip 192.168.0.0 0.0.255.255 any

I was thinking to see the logs on the router.

Strange; adding log at the end of the ACL can cause the issue?

Thanks

MAhesh

Hi Mahesh,

I am glad it is fixed, but the log at the end should not matter.

Very strange issue. It also could be an IOS bug.

Thanks,

Reza

Hi Reza,

Might be a bug, that's what I think too.

Regards

MAhesh
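
Added example, not part of the original thread and not Cisco tooling: a static consistency check of the NAT overload rule discussed above, run against an excerpt of the posted configuration. It verifies that the ACL named by `ip nat inside source list` exists, that the egress interface is marked `ip nat outside`, and that each `ip nat inside` interface address is matched by the ACL under IOS wildcard semantics. The function names are hypothetical, and the interface address is only a stand-in for the user subnets behind it; runtime state such as the translation table is out of its reach.

```python
import ipaddress
import re

# NAT-relevant lines excerpted from the configuration posted in this thread.
SAMPLE = """\
interface FastEthernet0/0
ip address dhcp
ip nat outside
!
interface FastEthernet0/1
ip address 192.168.5.3 255.255.255.254
ip nat inside
!
ip nat inside source list 101 interface FastEthernet0/0 overload
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
"""

def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: bits set in the wildcard are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a & ~w) == (b & ~w)

def audit_nat(config):
    """Return findings for every 'ip nat inside source list' rule in config."""
    ifaces, acls, rules, cur = {}, {}, [], None
    for line in (l.strip() for l in config.splitlines()):
        if m := re.match(r"interface (\S+)", line):
            cur = ifaces.setdefault(m[1], {"nat": None, "ip": None})
        elif line == "!":
            cur = None
        elif m := re.match(r"ip nat inside source list (\d+) interface (\S+)", line):
            rules.append((m[1], m[2]))
        elif m := re.match(r"access-list (\d+) permit ip (\S+) (\S+) any", line):
            acls.setdefault(m[1], []).append((m[2], m[3]))
        elif cur is not None and (m := re.match(r"ip nat (inside|outside)$", line)):
            cur["nat"] = m[1]
        elif cur is not None and (m := re.match(r"ip address (\d\S*) \d", line)):
            cur["ip"] = m[1]
    findings = []
    for acl, out_if in rules:
        if acl not in acls:
            findings.append(f"NAT rule references missing ACL {acl}")
        if ifaces.get(out_if, {}).get("nat") != "outside":
            findings.append(f"{out_if} is not marked 'ip nat outside'")
        for name, i in ifaces.items():
            if i["nat"] == "inside" and i["ip"] and not any(
                    wildcard_match(i["ip"], b, w) for b, w in acls.get(acl, [])):
                findings.append(f"{name} ({i['ip']}) not matched by ACL {acl}")
    return findings
```

On the posted excerpt `audit_nat(SAMPLE)` returns no findings, with or without the trailing `log` keyword on the ACL entry.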
