Hi gurus,

I've been racking my brain on this, and I'm hoping it's a really simple solution.  The configurations below are very basic.

Router interface f2 (192.168.10.1) connects to switch interface g0/1 (192.168.10.2). 

PC1 connects to switch and successfully grabs dhcp ip address from router.

PC2 connects to switch and successfully grabs dhcp ip address from router.

Both PC1 and PC2 can get out to the internet. 

Both PC1 and PC2 can ping the router and switch.

Router can ping the switch and vice versa.

HOWEVER, PC1 and PC2 cannot talk to eachother!

Neither router nor switch can ping PC1 or PC2.

If I connect PC1 to router interface f3, PC2 can now ping PC1.  PC1 still cannot ping PC2. 

Can someone please help me save my hair from being pulled out.  Configurations below.  Thank you.

Router:

NAC_Router#sh run
Building configuration...

Current configuration : 2146 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname NAC_Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$XJfl$fTIp8IECvhB/WCwvAE2Wx1
!
no aaa new-model
!
!
dot11 syslog
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.10.1 192.168.10.50
ip dhcp excluded-address 192.168.3.1 192.168.3.50
!
ip dhcp pool ASNetwork
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 8.8.8.8
   lease 0 4
!
ip dhcp pool OBNetwork
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.1
   dns-server 8.8.8.8
   lease 0 4
!
!
!
multilink bundle-name authenticated
!
!
!
spanning-tree vlan 1 priority 8192
spanning-tree vlan 2 priority 8192
username labUser password 7 094D5D0D1F0404160D
!
!
archive
 log config
  hidekeys
!
!
!
!
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet0
 ip address 192.168.11.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet1
 description OUTSIDE
 ip address 192.168.100.2 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
 switchport access vlan 2
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
 switchport access vlan 2
!
interface Vlan1
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface Vlan2
 ip address 192.168.3.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.100.1
!
!
no ip http server
no ip http secure-server
ip nat inside source list NAT interface FastEthernet1 overload
!
ip access-list extended NAT
 permit ip 192.168.3.0 0.0.0.255 any
 permit ip 192.168.10.0 0.0.0.255 any
!
!
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 login local
!
end

Switch:

NAC_Switch1#sh run
Building configuration...

Current configuration : 2338 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname NAC_Switch1
!
enable secret 5 $1$9C4K$uvyk6fnb0zO7yVgBZ9ssD0
!
username labUser password 7 045A180209205F4A0F
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 switchport mode access
 no ip address
!
interface FastEthernet0/2
 switchport mode access
 no ip address
!
interface FastEthernet0/3
 switchport mode access
 no ip address
!
interface FastEthernet0/4
 switchport mode access
 no ip address
!
interface FastEthernet0/5
 switchport mode access
 no ip address
!
interface FastEthernet0/6
 switchport mode access
 no ip address
!
interface FastEthernet0/7
 switchport mode access
 no ip address
!
interface FastEthernet0/8
 switchport mode access
 no ip address
!
interface FastEthernet0/9
 switchport mode access
 no ip address
!
interface FastEthernet0/10
 switchport mode access
 no ip address
!
interface FastEthernet0/11
 switchport mode access
 no ip address
!
interface FastEthernet0/12
 switchport mode access
 no ip address
!
interface FastEthernet0/13
 switchport mode access
 no ip address
!
interface FastEthernet0/14
 switchport mode access
 no ip address
!
interface FastEthernet0/15
 switchport mode access
 no ip address
!
interface FastEthernet0/16
 switchport mode access
 no ip address
!
interface FastEthernet0/17
 switchport mode access
 no ip address
!
interface FastEthernet0/18
 switchport mode access
 no ip address
!
interface FastEthernet0/19
 switchport mode access
 no ip address
!
interface FastEthernet0/20
 switchport mode access
 no ip address
!
interface FastEthernet0/21
 switchport mode access
 no ip address
!
interface FastEthernet0/22
 switchport mode access
 no ip address
!
interface FastEthernet0/23
 switchport mode access
 no ip address
!
interface FastEthernet0/24
 switchport mode access
 no ip address
!
interface GigabitEthernet0/1
 switchport mode access
 no ip address
!
interface GigabitEthernet0/2
 switchport mode access
 no ip address
!
interface Vlan1
 ip address 192.168.10.2 255.255.255.0
 no ip route-cache
!
ip http server
!
!
line con 0
line vty 0 4
 login local
line vty 5 15
 login
!
end