GET-IT: TEAMS DAY | 1-Day Free Virtual Conference all about Teams. Here on Petri.com - 8/12/20 GET-IT: TEAMS DAY - 8/12/20

Cisco 831 forward problem – access-list????

Home Forums Networking Cisco Routers & Switches How-to Cisco 831 forward problem – access-list????

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    pertol
    Member
    #130418

    version 12.4
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname xxxxxxxxxxxxxxxxxxxx
    !
    boot-start-marker
    boot-end-marker
    !
    no logging buffered
    enable secret 5 XXXXXXXXXXXXXXXXXXXXXXX
    !
    no aaa new-model
    !
    resource policy
    !
    no ip dhcp use vrf connected
    no ip dhcp conflict logging

    ip dhcp excluded-address 192.168.1.1 192.168.1.99
    ip dhcp excluded-address 192.168.1.151 192.168.1.254
    !
    ip dhcp pool CLIENT
    network 192.168.1.0 255.255.255.0
    domain-name test.net
    dns-server (dns1) (dns2)
    default-router (gateway ip)
    !
    ip dhcp pool FISSO
    host 192.168.1.133 255.255.255.0
    client-identifier 0100.0d87.a3b2.0a
    client-name FISSO
    lease 0 1
    !
    ip dhcp pool ACER-DJ
    host 192.168.1.115 255.255.255.0
    client-identifier 0100.16d3.e29f.b4
    client-name Notebook1
    lease 0 1
    !
    !
    ip cef

    ip name-server (dns1)
    ip name-server (dns2)
    ip inspect name myfw ftp timeout 3600
    ip inspect name myfw realaudio timeout 3600
    ip inspect name myfw smtp timeout 3600
    ip inspect name myfw tftp timeout 30
    ip inspect name myfw udp timeout 15
    ip inspect name myfw tcp timeout 3600
    !
    !
    !
    username (myname) privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXX
    !
    !
    !
    !
    !
    interface Ethernet0
    ip address 192.168.1.200 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no cdp enable
    hold-queue 32 in
    interface Ethernet1
    ip address (secondary public ip) 255.255.255.248 secondary
    ip address (primary public ip) 255.255.255.248
    ip nat outside
    ip virtual-reassembly
    duplex auto
    no cdp enable
    !
    interface Ethernet2
    no ip address
    shutdown
    !
    interface FastEthernet1
    duplex auto
    speed auto
    !
    interface FastEthernet2
    duplex auto
    speed auto
    !
    interface FastEthernet3
    duplex auto
    speed auto
    !
    interface FastEthernet4
    duplex auto
    speed auto
    !
    ip route 0.0.0.0 0.0.0.0 (gateway ip)
    no ip http server
    ip http authentication local
    no ip http secure-server
    ip http max-connections 4
    ip http timeout-policy idle 600 life 86400 requests 10000
    !
    ip nat inside source list 10 interface Ethernet1 overload
    ip nat inside source static tcp 192.168.1.115 80 (secondary public ip) 80 extendable
    !
    access-list 10 permit 192.168.1.0 0.0.0.255
    access-list 100 permit tcp any host 192.168.1.115 eq www
    access-list 111 permit icmp any any administratively-prohibited
    access-list 111 permit icmp any any echo
    access-list 111 permit icmp any any echo-reply
    access-list 111 permit icmp any any packet-too-big
    access-list 111 permit icmp any any time-exceeded
    access-list 111 permit icmp any any traceroute
    access-list 111 permit icmp any any unreachable
    access-list 111 permit udp any eq bootps any eq bootpc
    access-list 111 permit udp any eq bootps any eq bootps
    access-list 111 permit udp any eq domain any
    access-list 111 permit esp any any
    access-list 111 permit udp any any eq isakmp
    access-list 111 permit udp any any eq 10000
    access-list 111 permit tcp any any eq 1723
    access-list 111 permit tcp any any eq 139
    access-list 111 permit udp any any eq netbios-ns
    access-list 111 permit udp any any eq netbios-dgm
    access-list 111 permit gre any any
    access-list 111 deny ip any any
    access-list 112 deny tcp any any eq ftp
    access-list 112 permit ip any any
    !
    control-plane
    !
    !
    line con 0
    exec-timeout 120 0
    login local
    no modem enable
    stopbits 1
    line aux 0
    line vty 0 4
    access-class 23 in
    exec-timeout 120 0
    login local
    length 0
    !
    scheduler max-task-time 5000
    end

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.