Cisco 1710 Route-Map/Accesslist problems, router reconfiguring itself

Discussion in 'Cisco' started by news.connect.com.au, Nov 25, 2003.

  1. Hey

    Having an issue with a Cisco 1710 router (running IOS 12.0).

    The problem is when I send the following commands to the router and then ask
    for the running config I get a different set of commands back (and no the
    commands I get back are not saved anywhere, the cisco box is changing the
    commands I enter somehow).

    Here is the part of the script I am having trouble with (note, IP's changed
    to protect the innocent, as in me)

    Start Of Cisco IOS commands

    ip nat inside source route-map To-Internet interface Ethernet0 overload
    ip nat inside source static 192.168.1.1 210.0.0.1 route-map To-Host1
    ip nat inside source static 192.168.1.2 210.0.0.1 route-map To-Host2
    !
    !
    ip access-list extended HOST1-TRAFFIC
    permit tcp any any eq 110
    permit tcp any any eq 25
    !
    ip access-list extended HOST2-TRAFFIC
    permit tcp any eq 4028 any
    permit tcp any eq 5029 any
    permit udp any eq 4028 any
    permit udp any eq 5029 any
    permit tcp any any eq 4028
    permit tcp any any eq 5029
    permit udp any any eq 4028
    permit udp any any eq 5029
    !
    ip access-list extended Not-Private
    deny ip any 192.168.1.0 0.0.0.255 log
    permit ip 192.168.1.0 0.0.0.255 any
    !
    route-map To-Host1 permit 10
    match ip address HOST1-TRAFFIC
    !
    route-map To-Host2 permit 10
    match ip address HOST2-TRAFFIC
    !
    route-map To-Internet permit 11
    match ip address Not-Private


    After I do this I then ask the router for the running config

    show running-config
    ip nat inside source route-map To-Internet interface Ethernet0 overload
    ip nat inside source static 192.168.1.1 210.0.0.1 route-map To-Internet
    // Note this line
    !
    !
    ip access-list extended HOST1-Traffic
    permit tcp any any eq 110
    permit tcp any any eq 25
    !
    ip access-list extended HOST2-TRAFFIC
    permit tcp any eq 4028 any
    permit tcp any eq 5029 any
    permit udp any eq 4028 any
    permit udp any eq 5029 any
    permit tcp any any eq 4028
    permit tcp any any eq 5029
    permit udp any any eq 4028
    permit udp any any eq 5029
    !
    ip access-list extended Not-Private
    deny ip any 192.168.1.0 0.0.0.255 log
    permit ip 192.168.1.0 0.0.0.255 any
    !
    route-map To-HOST1 permit 10
    match ip address HOST1-TRAFFIC
    !
    route-map To-HOST2 permit 10
    match ip address HOST2-TRAFFIC
    !
    route-map To-Internet permit 11
    match ip address Not-Private


    This line seems to have been altered such that now I don't know what it is
    doing.

    If anyone has any ideas I would be greatly appreciative (or thankful even).

    Ben
    news.connect.com.au, Nov 25, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Paul Stewart

    VPN Problems 1710 to 1710 via ADSL

    Paul Stewart, Dec 5, 2003, in forum: Cisco
    Replies:
    1
    Views:
    4,121
    Phillip Remaker
    Dec 5, 2003
  2. Sam
    Replies:
    6
    Views:
    5,517
  3. AM
    Replies:
    3
    Views:
    596
  4. Replies:
    1
    Views:
    5,133
    Barry Margolin
    Aug 13, 2005
  5. Ace51
    Replies:
    0
    Views:
    812
    Ace51
    May 11, 2006
Loading...

Share This Page