Help with 3725 connecting to internet with DS3 ATM card - MPLS Network

Hey guys,

Here is my situtation, I have a Cisco 3725 router with 1 NM-1A-T3, DS3 Network Module installed in it.

I am using this connection for both my DIA and WAN to the SBC network.

Right now, I am trying to get the internet connection working, next I will attack the WAN and then seperating them with ACL's

Here is the setup.  Internet 68.1.1.1/30 --- 68.1.1.2/30 3725 ATM Interface, 192.168.1.1/30 F0/0 -----192.168.1.2/30 FW WAN interface, 172.20.20.0/22 LAN

Here is my current config


Building configuration...

Current configuration : 1146 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
!
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
 no ip address
 atm scrambling cell-payload
 atm framing cbitplcp
 no atm ilmi-keepalive
!
interface ATM2/0.1 point-to-point
 description DS3 to SBC Internet
 ip address 68.1.1.2 255.255.255.252
 pvc SBCIS 2/521
  protocol ip 68.1.1.1
  vbr-nrt 64 64
  encapsulation aal5mux ip
 !
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 68.1.1.1 permanent
!
!
access-list 101 deny   53 any any
access-list 101 deny   55 any any
access-list 101 deny   77 any any
access-list 101 deny   pim any any
access-list 101 permit ip any any
!
!
!
!
!
!
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!
end

When logged into the router, I can ping site on the net by IP, but when I set my default gateway to the firewall (172.20.20.2/22), I cant ping out.
A tracert gets me to 192.168.1.1 (The LAN interface on the gateway router, past the FW now), but no farther. I am assuming that there is a route problem on the router, but the 0.0.0.0 0.0.0.0 static route should take care of that?

Ideas?
LVL 2
UnifiedITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
You'll need to enable NAT to get out from a client behind the firewall.
Assuming that the FW is also doing NAT for the 172.20.20/20 subnet....

interface fe 0/0
  ip nat inside

interface atm2/0.1
  ip nat outside

ip nat inside source list 1 interface ATM2/0.1 overload
access-list 1 permit 192.16.1.0
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
UnifiedITAuthor Commented:
Awesome, thats exactly what I needed.

Thank you,

Mike



0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.