Cisco 837 Roter config help needed

Discussion in 'Cisco' started by robandyuk, May 13, 2012.

  1. robandyuk

    robandyuk

    Joined:
    May 13, 2012
    Messages:
    1
    Hi can anyone see why my router config will not let me browse the internet from any machine.
    I can ping NTL DNS 194.168.4.100 from both the router and the computer but it will not browse. On the router if I run the test connection on the ethernet 0 port it says I need to put a static route in but i do have a default route in already

    I have removed all passwords but left the rest
    I want 2 internal networks a 172.16.1.0/24 and a 10.0.0.0/24 both using the adsl port
    for internet
    the only other rules I need are VPN to an internal windows server 172.16.1.10
    any help would be great
    Thanks in advance
    Rob

    version 12.4
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service sequence-numbers
    !
    hostname Roxby-rtr
    !
    boot-start-marker
    boot-end-marker
    !
    security authentication failure rate 10 log
    security passwords min-length 6
    logging buffered critical
    logging console critical
    enable secret 5 $1$s3El$00000000000000
    enable password 7 111918160000000000000
    !
    aaa new-model
    !
    !
    aaa authentication login local_auth local
    aaa authentication ppp default local
    !
    aaa session-id common
    !
    resource policy
    !
    clock timezone PCTime 0
    clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
    ip subnet-zero
    no ip gratuitous-arps
    no ip dhcp use vrf connected
    ip dhcp excluded-address 10.0.0.1 10.0.0.9
    ip dhcp excluded-address 10.0.0.51 10.0.0.254
    !
    ip dhcp pool DMZ
    import all
    network 10.0.0.0 255.255.255.0
    dns-server 194.168.4.100
    !
    ip cef
    ip domain name roxby.local
    ip name-server 8.8.8.8
    ip name-server 8.8.4.4
    no ip bootp server
    ip inspect name SDM_LOW dns
    ip inspect name SDM_LOW ftp
    ip inspect name SDM_LOW h323
    ip inspect name SDM_LOW icmp
    ip inspect name SDM_LOW netshow
    ip inspect name SDM_LOW rcmd
    ip inspect name SDM_LOW realaudio
    ip inspect name SDM_LOW rtsp
    ip inspect name SDM_LOW sqlnet
    ip inspect name SDM_LOW streamworks
    ip inspect name SDM_LOW tftp
    ip inspect name SDM_LOW vdolive
    ip inspect name SDM_LOW cuseeme
    ip inspect name SDM_LOW https
    ip inspect name SDM_LOW imap
    ip inspect name SDM_LOW pop3
    ip inspect name SDM_LOW esmtp
    ip inspect name SDM_LOW tcp
    ip inspect name SDM_LOW udp
    no ip ips deny-action ips-interface
    ip ips notify SDEE
    ip ssh time-out 60
    ip ssh authentication-retries 2
    login block-for 60 attempts 3 within 60
    !
    !



    !
    username admin privilege 15 password 7 000000000000000000000000000000
    username CRWS_Ritesh privilege 15 password 7 000000000000000000000000
    username CRWS_Kannan privilege 15 password 7 0000000000000000000000000
    username CRWS_Srini privilege 15 password 7 000000000000000000000000000
    username CRWS_Shashi privilege 15 password 7 00000000000000000000000000
    username CRWS_Gayatri privilege 15 password 7 0000000000000000000000000
    !
    !
    !
    !
    !
    interface Ethernet0
    description $FW_INSIDE$$ETH-LAN$
    ip address 172.16.1.1 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    hold-queue 100 out
    !
    interface Ethernet2
    description $FW_INSIDE$
    ip address 10.0.0.1 255.255.255.0
    ip access-group 109 in
    ip verify unicast reverse-path
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip virtual-reassembly
    shutdown
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    ip verify unicast source reachable-via rx allow-default 100
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    no atm ilmi-keepalive
    dsl operating-mode auto
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface FastEthernet1
    speed auto
    full-duplex
    !
    interface FastEthernet2
    speed auto
    full-duplex
    !
    interface FastEthernet3
    speed auto
    full-duplex
    !
    interface FastEthernet4
    speed auto
    full-duplex
    !
    interface Dialer0
    description Orange ADSL$FW_OUTSIDE$
    ip address negotiated
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    no ip route-cache cef
    no ip route-cache
    ip tcp adjust-mss 1452
    no ip mroute-cache
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname xxxxxx.orangehome.co.uk@xx
    ppp chap password 7 xxxxxxxxxxxxxxxxxxxxxxxx
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    ip http server
    no ip http secure-server
    !
    ip nat inside source list 1 interface Dialer0 overload
    !
    !
    logging trap debugging
    logging facility local2
    access-list 1 remark SDM_ACL Category=2
    access-list 1 permit 172.16.1.0 0.0.0.255
    access-list 100 permit udp any any eq bootpc
    access-list 101 remark auto generated by SDM firewall configuration
    access-list 101 remark SDM_ACL Category=0
    access-list 101 deny ip 10.0.0.0 0.0.0.255 any
    access-list 101 deny ip host 255.255.255.255 any
    access-list 101 deny ip 127.0.0.0 0.255.255.255 any
    access-list 101 permit ip any any
    access-list 101 remark auto generated by SDM firewall configuration
    access-list 101 remark SDM_ACL Category=0
    access-list 101 remark auto generated by SDM firewall configuration
    access-list 101 remark SDM_ACL Category=0
    access-list 102 remark auto generated by SDM firewall configuration
    access-list 102 remark SDM_ACL Category=0
    access-list 102 deny ip 172.16.1.0 0.0.0.255 any
    access-list 102 permit icmp any host 10.0.0.1 echo-reply
    access-list 102 permit icmp any host 10.0.0.1 time-exceeded
    access-list 102 permit icmp any host 10.0.0.1 unreachable
    access-list 102 deny ip 10.0.0.0 0.255.255.255 any
    access-list 102 deny ip 172.16.0.0 0.15.255.255 any
    access-list 102 deny ip 192.168.0.0 0.0.255.255 any
    access-list 102 deny ip 127.0.0.0 0.255.255.255 any
    access-list 102 deny ip host 255.255.255.255 any
    access-list 102 deny ip host 0.0.0.0 any
    access-list 102 deny ip any any log
    access-list 102 remark auto generated by SDM firewall configuration
    access-list 102 remark SDM_ACL Category=0
    access-list 102 remark auto generated by SDM firewall configuration
    access-list 102 remark SDM_ACL Category=0
    access-list 103 remark auto generated by SDM firewall configuration
    access-list 103 remark SDM_ACL Category=0
    access-list 103 deny ip 10.0.0.0 0.0.0.255 any
    access-list 103 deny ip host 255.255.255.255 any
    access-list 103 deny ip 127.0.0.0 0.255.255.255 any
    access-list 103 permit ip any any
    access-list 103 remark auto generated by SDM firewall configuration
    access-list 103 remark SDM_ACL Category=0
    access-list 103 remark auto generated by SDM firewall configuration
    access-list 103 remark SDM_ACL Category=0
    access-list 104 remark auto generated by SDM firewall configuration
    access-list 104 remark SDM_ACL Category=0
    access-list 104 deny ip 172.16.1.0 0.0.0.255 any
    access-list 104 permit icmp any host 10.0.0.1 echo-reply
    access-list 104 permit icmp any host 10.0.0.1 time-exceeded
    access-list 104 permit icmp any host 10.0.0.1 unreachable
    access-list 104 deny ip 10.0.0.0 0.255.255.255 any
    access-list 104 deny ip 172.16.0.0 0.15.255.255 any
    access-list 104 deny ip 192.168.0.0 0.0.255.255 any
    access-list 104 deny ip 127.0.0.0 0.255.255.255 any
    access-list 104 deny ip host 255.255.255.255 any
    access-list 104 deny ip host 0.0.0.0 any
    access-list 104 deny ip any any log
    access-list 104 remark auto generated by SDM firewall configuration
    access-list 104 remark SDM_ACL Category=0
    access-list 104 remark auto generated by SDM firewall configuration
    access-list 104 remark SDM_ACL Category=0
    access-list 105 remark auto generated by SDM firewall configuration
    access-list 105 remark SDM_ACL Category=1
    access-list 105 permit ip 10.0.0.0 0.0.0.255 any
    access-list 105 permit ip host 255.255.255.255 any
    access-list 105 permit ip 127.0.0.0 0.255.255.255 any
    access-list 105 permit ip any any
    access-list 106 remark auto generated by SDM firewall configuration
    access-list 106 remark SDM_ACL Category=1
    access-list 106 deny ip 172.16.1.0 0.0.0.255 any
    access-list 106 deny ip host 255.255.255.255 any
    access-list 106 deny ip 127.0.0.0 0.255.255.255 any
    access-list 106 permit ip any any
    access-list 106 remark auto generated by SDM firewall configuration
    access-list 106 remark SDM_ACL Category=1
    access-list 106 remark auto generated by SDM firewall configuration
    access-list 106 remark SDM_ACL Category=1
    access-list 107 remark auto generated by SDM firewall configuration
    access-list 107 remark SDM_ACL Category=1
    access-list 107 permit udp host 193.36.79.101 eq domain any
    access-list 107 permit ip 10.0.0.0 0.0.0.255 any
    access-list 107 permit ip 172.16.1.0 0.0.0.255 any
    access-list 107 permit icmp any any echo-reply
    access-list 107 permit icmp any any time-exceeded
    access-list 107 permit icmp any any unreachable
    access-list 107 permit ip 10.0.0.0 0.255.255.255 any
    access-list 107 permit ip 172.16.0.0 0.15.255.255 any
    access-list 107 permit ip 192.168.0.0 0.0.255.255 any
    access-list 107 permit ip 127.0.0.0 0.255.255.255 any
    access-list 107 permit ip host 255.255.255.255 any
    access-list 107 permit ip host 0.0.0.0 any
    access-list 107 permit ip any any log
    access-list 108 remark auto generated by SDM firewall configuration
    access-list 108 remark SDM_ACL Category=1
    access-list 108 deny ip 10.0.0.0 0.0.0.255 any
    access-list 108 deny ip host 255.255.255.255 any
    access-list 108 deny ip 127.0.0.0 0.255.255.255 any
    access-list 108 permit ip any any
    access-list 109 remark auto generated by SDM firewall configuration
    access-list 109 remark SDM_ACL Category=1
    access-list 109 deny ip 172.16.1.0 0.0.0.255 any
    access-list 109 deny ip host 255.255.255.255 any
    access-list 109 deny ip 127.0.0.0 0.255.255.255 any
    access-list 109 permit ip any any
    access-list 110 remark auto generated by SDM firewall configuration
    access-list 110 remark SDM_ACL Category=1
    access-list 110 permit udp host 8.8.4.4 eq domain any
    access-list 110 permit udp host 8.8.8.8 eq domain any
    access-list 110 permit udp host 0.0.0.0 eq domain any
    access-list 110 permit udp host 194.168.8.100 eq domain any
    access-list 110 permit udp host 194.168.4.100 eq domain any
    access-list 110 deny ip 10.0.0.0 0.0.0.255 any
    access-list 110 deny ip 172.16.1.0 0.0.0.255 any
    access-list 110 permit icmp any any echo-reply
    access-list 110 permit icmp any any time-exceeded
    access-list 110 permit icmp any any unreachable
    access-list 110 deny ip 10.0.0.0 0.255.255.255 any
    access-list 110 deny ip 172.16.0.0 0.15.255.255 any
    access-list 110 deny ip 192.168.0.0 0.0.255.255 any
    access-list 110 deny ip 127.0.0.0 0.255.255.255 any
    access-list 110 deny ip host 255.255.255.255 any
    access-list 110 deny ip host 0.0.0.0 any
    access-list 110 deny ip any any log
    dialer-list 1 protocol ip permit
    no cdp run
    !
    control-plane
    !
    bridge 1 protocol dec
    banner motd ^C
    Authorized Access only
    This system is the property of So-&-So-Enterprise.
    UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED.
    You must have explicit permission to access this
    device. All activities performed on this device
    are logged. Any violations of access policy will result
    in disciplinary action.^C
    !
    line con 0
    exec-timeout 5 0
    login authentication local_auth
    no modem enable
    transport output telnet
    line aux 0
    login authentication local_auth
    transport output telnet
    line vty 0 4
    password 7 xxxxxxxxxxxxxxxxxxx
    login authentication local_auth
    transport input telnet ssh
    !
    scheduler max-task-time 5000
    end
     
    robandyuk, May 13, 2012
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Confused

    Cisco 837-837 VPN

    Confused, Jul 9, 2003, in forum: Cisco
    Replies:
    0
    Views:
    1,830
    Confused
    Jul 9, 2003
  2. Suppa Lamah
    Replies:
    8
    Views:
    1,684
  3. Guest
    Replies:
    4
    Views:
    18,459
    scott enwright
    Jan 17, 2004
  4. lyvicro@hotmail.com
    Replies:
    4
    Views:
    4,249
    lyvicro@hotmail.com
    Dec 15, 2005
  5. sparticle
    Replies:
    3
    Views:
    1,241
Loading...

Share This Page