I have a Cisco 1720 router that I need to config NAT and my ISP is a T1. I had a PIX die on my today that was doing all of my NAT so I need to config my router to handle this until my new ASA box comes in tomorrow.
The only changes I have made was change my F0 inteface IP from
207.88.*.*, which was one of my 32 outside IPs, to 192.168.0.1, which is my default route for my internet and the old IP of my PIX. I also added the "ip nat inside" command to the F0 interface. I need to do some outside static routes to certain internal IPs and I also need my normal users to get a range of small range of my external ips.My running config is...
! version 12.3 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Router01 ! boot-start-marker boot system flash c1700-sy7-mz.123-12.bin boot-end-marker ! enable secret 5 *********** ! memory-size iomem 25 mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 no aaa new-model ip subnet-zero ip wccp web-cache ip wccp 80 ip wccp 81 ip wccp 82 ip wccp 83 ! ! no ip domain lookup ip domain name ******* ip name-server 65.*.*.* ip name-server 65.*.*.* ! ip cef ! ! ! ! interface Ethernet0 ip address dhcp ip access-group 100 in ip wccp web-cache redirect out shutdown full-duplex ! interface FastEthernet0 ip address 192.168.0.1 255.255.240.0 ip nat inside speed auto half-duplex ! interface FastEthernet0.1 ! interface Serial0 all School ip address 66.*.*.* 255.255.255.252 ip access-group 100 in ip wccp web-cache redirect out ip wccp 80 redirect out ip wccp 81 redirect out ip wccp 82 redirect out ip wccp 83 redirect out encapsulation ppp no fair-queue service-module t1 timeslots 1-24 service-module t1 remote-alarm-enable no cdp enable ! ip classless ip route 0.0.0.0 0.0.0.0 Serial0 ip http server ! ! access-list 1 permit 192.168.0.0 0.0.255.255 access-list 100 deny ip host 127.0.0.1 any access-list 100 deny ip 192.168.0.0 0.0.255.255 any access-list 100 deny ip 10.0.0.0 0.255.255.255 any access-list 100 deny ip 172.16.0.0 0.0.240.255 any access-list 100 deny ip 207.88.69.0 0.0.0.255 any access-list 100 permit ip any any ! snmp-server community hhwifi33 RO alias exec crs copy run start alias exec sr show run alias exec sho ip route alias exec ct config term ! line con 0 password ******* login line aux 0 line vty 0 4 password ******* login ! end