Cannot get onto internet via Cisco 857

Discussion in 'Routing & Switching' started by martinmckean, Jan 21, 2008.

  1. martinmckean

    martinmckean New Member

    2
    0
    1
    Jan 21, 2008 #1
    Remove Advertisement - Premium Membership
    Can anyone help ?

    I have set up my Cisco 857 as best I can and am pretty sure it has successfully connected to my ISP. My problem is that I cannot access the internet via browser ?

    Can anyone spot where I am going wrong ?



    Here is my config:


    Building configuration...

    Current configuration : 3723 bytes
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname Router02
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 51200 warnings
    !
    no aaa new-model
    !
    resource policy
    !
    clock timezone PCTime 0
    clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.1.1
    !
    ip dhcp pool sdm-pool
    import all
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.1
    dns-server 195.112.4.14 195.112.4.7
    lease 0 2
    !
    !
    ip cef
    ip inspect name DEFAULT100 cuseeme
    ip inspect name DEFAULT100 ftp
    ip inspect name DEFAULT100 h323
    ip inspect name DEFAULT100 icmp
    ip inspect name DEFAULT100 rcmd
    ip inspect name DEFAULT100 realaudio
    ip inspect name DEFAULT100 rtsp
    ip inspect name DEFAULT100 esmtp
    ip inspect name DEFAULT100 sqlnet
    ip inspect name DEFAULT100 streamworks
    ip inspect name DEFAULT100 tftp
    ip inspect name DEFAULT100 tcp
    ip inspect name DEFAULT100 udp
    ip inspect name DEFAULT100 vdolive
    ip domain name yourdomain.com
    ip name-server 195.112.4.14
    ip name-server 195.112.4.7
    !
    !
    crypto pki trustpoint TP-self-signed-444329445
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-444329445
    revocation-check none
    rsakeypair TP-self-signed-444329445
    !
    !
    username cisco1 privilege 15 secret 5 $1$iNCJ$dcdH/DLEgzESPftY2cuf21
    !
    !
    !
    !
    !
    interface ATM0
    no ip address
    no shutdown
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0.1 point-to-point
    description $ES_WAN$
    no snmp trap link-status
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
    ip address 192.168.1.1 255.255.255.0
    ip access-group 100 in
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    !
    interface Dialer0
    description $FW_OUTSIDE$
    ip address negotiated
    ip access-group 101 in
    ip inspect DEFAULT100 out
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname [email protected]
    ppp chap password 0 xxxxxxx
    !
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 102 interface Dialer0 overload
    !
    access-list 100 remark auto generated by Cisco SDM Express firewall configuration
    access-list 100 remark SDM_ACL Category=1
    access-list 100 deny ip host 255.255.255.255 any
    access-list 100 deny ip 127.0.0.0 0.255.255.255 any
    access-list 100 permit ip any any
    access-list 101 permit udp any eq bootps any eq bootpc
    access-list 101 permit icmp any any echo-reply
    access-list 101 permit icmp any any time-exceeded
    access-list 101 permit icmp any any unreachable
    access-list 101 permit tcp host 195.149.28.178 any eq telnet
    access-list 101 deny ip 10.0.0.0 0.255.255.255 any
    access-list 101 deny ip 172.16.0.0 0.15.255.255 any
    access-list 101 deny ip 192.168.0.0 0.0.255.255 any
    access-list 101 deny ip 127.0.0.0 0.255.255.255 any
    access-list 101 deny ip host 255.255.255.255 any
    access-list 101 deny ip any any
    access-list 102 remark SDM_ACL Category=2
    access-list 102 permit ip 192.168.0.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    no cdp run
    !
    control-plane
    !
    !
    line con 0
    login local
    no modem enable
    line aux 0
    line vty 0 4
    access-class 23 in
    privilege level 15
    login local
    transport input telnet



    Any help most appreciated,
    Martin
     
  2. martinmckean

    martinmckean New Member

    2
    0
    1
    Jan 21, 2008 #2
    Remove Advertisement - Premium Membership
    Sorted it myself in end...

    Noticed that my NAT IP was incorrect. Stared at it for hours before I saw it.

    access-list 102 permit ip 192.168.0.0 0.0.0.255 any
     

Share This Page

Loading...
Remove Advertisement - Premium Membership
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...