1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cannot get onto internet via Cisco 857

Discussion in 'Routing & Switching' started by martinmckean, Jan 21, 2008.

  1. martinmckean

    martinmckean New Member

    Can anyone help ?

    I have set up my Cisco 857 as best I can and am pretty sure it has successfully connected to my ISP. My problem is that I cannot access the internet via browser ?

    Can anyone spot where I am going wrong ?

    Here is my config:

    Building configuration...

    Current configuration : 3723 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname Router02
    logging buffered 51200 warnings
    no aaa new-model
    resource policy
    clock timezone PCTime 0
    clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
    no ip dhcp use vrf connected
    ip dhcp excluded-address
    ip dhcp pool sdm-pool
    import all
    lease 0 2
    ip cef
    ip inspect name DEFAULT100 cuseeme
    ip inspect name DEFAULT100 ftp
    ip inspect name DEFAULT100 h323
    ip inspect name DEFAULT100 icmp
    ip inspect name DEFAULT100 rcmd
    ip inspect name DEFAULT100 realaudio
    ip inspect name DEFAULT100 rtsp
    ip inspect name DEFAULT100 esmtp
    ip inspect name DEFAULT100 sqlnet
    ip inspect name DEFAULT100 streamworks
    ip inspect name DEFAULT100 tftp
    ip inspect name DEFAULT100 tcp
    ip inspect name DEFAULT100 udp
    ip inspect name DEFAULT100 vdolive
    ip domain name yourdomain.com
    ip name-server
    ip name-server
    crypto pki trustpoint TP-self-signed-444329445
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-444329445
    revocation-check none
    rsakeypair TP-self-signed-444329445
    username cisco1 privilege 15 secret 5 $1$iNCJ$dcdH/DLEgzESPftY2cuf21
    interface ATM0
    no ip address
    no shutdown
    no atm ilmi-keepalive
    dsl operating-mode auto
    interface ATM0.1 point-to-point
    description $ES_WAN$
    no snmp trap link-status
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    interface FastEthernet0
    interface FastEthernet1
    interface FastEthernet2
    interface FastEthernet3
    interface Vlan1
    ip address
    ip access-group 100 in
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    interface Dialer0
    description $FW_OUTSIDE$
    ip address negotiated
    ip access-group 101 in
    ip inspect DEFAULT100 out
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname [email protected].com
    ppp chap password 0 xxxxxxx
    ip route Dialer0
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 102 interface Dialer0 overload
    access-list 100 remark auto generated by Cisco SDM Express firewall configuration
    access-list 100 remark SDM_ACL Category=1
    access-list 100 deny ip host any
    access-list 100 deny ip any
    access-list 100 permit ip any any
    access-list 101 permit udp any eq bootps any eq bootpc
    access-list 101 permit icmp any any echo-reply
    access-list 101 permit icmp any any time-exceeded
    access-list 101 permit icmp any any unreachable
    access-list 101 permit tcp host any eq telnet
    access-list 101 deny ip any
    access-list 101 deny ip any
    access-list 101 deny ip any
    access-list 101 deny ip any
    access-list 101 deny ip host any
    access-list 101 deny ip any any
    access-list 102 remark SDM_ACL Category=2
    access-list 102 permit ip any
    dialer-list 1 protocol ip permit
    no cdp run
    line con 0
    login local
    no modem enable
    line aux 0
    line vty 0 4
    access-class 23 in
    privilege level 15
    login local
    transport input telnet

    Any help most appreciated,
  2. martinmckean

    martinmckean New Member

    Sorted it myself in end...

    Noticed that my NAT IP was incorrect. Stared at it for hours before I saw it.

    access-list 102 permit ip any

Share This Page