5 Replies Latest reply on Jun 22, 2016 6:30 PM by srk2016

    Trying to find a solution, I set up a 3448 router with eth 0/1 as serial side/subnet /32 and eth 0/2 with ISP static lan block/subnet /27. When I try to ping out from the unit it does not work.

    srk2016 New Member

      Here is my config, I need eth 0/2 to have the statics set up public side.

       


      ip firewall
      no ip firewall alg msn
      no ip firewall alg mszone
      no ip firewall alg h323
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      no dot11ap access-point-control
      !
      !
      !
      !
      !
      !
      !
      ip dhcp pool #
        network 192.168.1.0 255.255.255.0
        dns-server 192.168.1.1
        default-router 192.168.1.1
      !
      !
      !
      !
      ip urlfilter allowmode
      !
      !
      !
      !
      !
      !
      !
      !
      vlan 1
        name "Default"
      !
      !
      !
      no ethernet cfm
      !
      interface eth 0/1
        ip address  xx.xx.xx.xx  255.255.255.252
        ip mtu 1500
        ip access-policy Public
        no shutdown
      !
      !
      interface eth 0/2
        ip address  xx.xxx.xxx.193  255.255.255.192
        ip mtu 1500
        ip access-policy "Private 2"
        no shutdown
      !
      !
      !
      interface switchport 0/1
        spanning-tree edgeport
        no shutdown
      !
      interface switchport 0/2
        spanning-tree edgeport
        no shutdown
      !
      interface switchport 0/3
        no shutdown
      !
      interface switchport 0/4
        no shutdown
      !
      interface switchport 0/5
        no shutdown
      !
      interface switchport 0/6
        no shutdown
      !
      interface switchport 0/7
        spanning-tree edgeport
        no shutdown
      !
      interface switchport 0/8
        spanning-tree edgeport
        no shutdown
      !
      !
      !
      interface vlan 1
        ip address  192.168.1.1  255.255.255.0
        no shutdown
      !
      !
      !
      !
      !
      !
      !
      ip access-list standard wizard-ics
        remark Internet Connection Sharing
        permit any
      !
      !
      ip access-list extended self
        remark Traffic to NetVanta
        permit ip any  any     log
      !
      ip access-list extended web-acl-3
        permit tcp any  any eq www   log
        permit tcp any  any eq telnet   log
        permit udp any  any eq snmp    log
        permit tcp any  any eq https   log
        permit tcp any  any eq ssh   log
        permit tcp any  any eq ftp   log
        permit icmp any  any  echo   log
      !
      ip access-list extended web-acl-4
        remark mm
        permit ip any  any
      !
      !
      !
      !
      ip policy-class Private
        allow list self self
        nat source list wizard-ics interface eth 0/1 overload
      !

       

      !
      ip policy-class Public
        allow list web-acl-3 self
      !
      !
      !

       

      ip route 0.0.0.0 0.0.0.0 xx.xxx.xxx.165
      !
      no tftp server
      no tftp server overwrite
      http server
      http secure-server
      no snmp agent
      no ip ftp server
      ip ftp server default-filesystem flash
      no ip scp server
      no ip sntp server
      !
      !
      !
      !
      !
      !
      !
      !
      !
      ip sip udp 5060
      ip sip tcp 5060
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      line con 0
        login
      !
      line telnet 0 4
        login
        password password
        no shutdown
      line ssh 0 4
        login local-userlist
        no shutdown
      !
      !
      !
      !
      !
      !
      !
      en