I have a new T1 line that I am going to cut over to. The router that I am using has 2 NICs one for the routable IPs and the other for a 10.x.x.x net and these are connected to 2924 switches
Currently I do not have the T1 plugged in and I want to test the the network connections. I have PC in the net with address 10.0.0.100 and when I try pinging some other device on the net I get packet losses. If I ping 10.0.0.100 fromm router, no losses, but if I ping F1/0 from that PC I get some losses
Here is the config I am using the gateway is on F0/0 and the routable IPs are in the upper half of the class C. I am copying and pasteing out of hyperterm which is a nuisance. There seems to be a screwy entry in access-list 101, how do you remove it without having to redo the list?
Any sage advice greatly appreciated.
cisco2#sho config Using 2774 out of 29688 bytes ! version 12.3 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname cisco2 ! boot-start-marker boot-end-marker ! logging buffered 65535 debugging logging console informational enable secret 5 $1$Y1GM$BP64yCQ88SQb8tbyl enable password xxxxxxxxxxx ! clock timezone PST -8 no aaa new-model ip subnet-zero ip cef ! ! ip domain name Kednos.com ip name-server 12.70.58.130 ip name-server 12.70.58.132 ip name-server 12.70.58.133 ip name-server 12.70.58.134 ip name-server 12.70.58.135 ip name-server 12.70.58.137 ! ip audit po max-events 100 ! ! ! ! ! ! ! ! interface FastEthernet0/0 description OUTSIDE INTERFACE TO THE INTERNET ip address 12.70.58.129 255.255.255.128 ip access-group 101 in no ip redirects no ip unreachables no ip proxy-arp ip nat outside speed auto full-duplex no cdp enable ! interface Serial0/0 ip address 12.89.208.122 255.255.255.252 ip access-group 101 in ip access-group 102 out ip nat outside no ip mroute-cache ! interface FastEthernet1/0 description INSIDE INTERFACE TO PRIVATE NETWORK ip address 10.0.0.1 255.0.0.0 ip nat inside duplex auto speed auto ! ip nat inside source list 1 interface FastEthernet0/0 overload no ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 12.89.208.121 ! ! access-list 1 permit 10.0.0.0 0.0.0.255 access-list 101 deny ip 10.0.0.0 0.255.255.255 any access-list 101 deny ip 172.16.0.0 0.0.15.255 any access-list 101 deny ip 192.168.0.0 0.0.255.255 any access-list 101 deny ip host 0.0.0.0 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip 192.0.2.0 0.0.0.255 any access-list 101 deny ip 224.0.0.0 31.255.255.255 any access-list 101 deny ip 255.0.0.0 0.255.255.255 any access-list 101 deny ip any 255.0.0.0 0.255.255.255