Cisco Static routing problem

I'm having a routing problem I could use some help with. Here is my network.

       
                                                                            DSL to Internet
                                                                                   |
                                                                                   |
192.168.2.0/24 network----cisco 2600 #1----T1----cisco 2600 #2-----firewall-----192.168.0.0/24


Here are the important details of Cisco 2600 #2 config

interface f/o
ip addr 192.168.0.5 255.255.255.0   (This is the ethernet port that looks at the firewall)
ip nat inside

interface s/0/0
ip addr 192.168.1.1 25 (This is the serial to the T1)
ip nat inside

int f1/0
ip addr 65.xxx.xxx.xxx 255.255.255.128
ip nat outside

ip nat inside source list 1 int f1/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 65.xxx.xxx.xxx.xxx
ip route 192.168.2.0 255.255.255.0 192.168.1.2

access list 1 permit 192.168.0.0 0.0.3.255

Withe this config I can ping from 192.168.2.0 to the Internet, but not 192.168.0.0/24

Am I missing a route that would allow that? I have bypassed the FW so i don't think that's my problem. Appreceate some help. Thanks.

Rick
BigfootSunRaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SorensonCommented:
post "show ip route" from 2600 #1 and 2600 #2 please.
If it is not a routing issue, you may need to exclude the networks from the "overload" statement.

(create new access-list 100)
access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.3.255 any

(then attach it to the overload command)
(turn off nat (disrupt internet :)  )  )
========
!
int f1/0
 no ip nat outside
!
do clear ip nat trans *
!
no ip nat inside source list 1 intf1/0 overload
ip nat inside source list 100 intf1/0 overload
!
int f1/0
 ip nat outside
!
==========
access-list 100 will then not allow packets from 192.168.1.x <--> 192.168.2.x to be translated.
all other internet will pick up nat.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BigfootSunRaAuthor Commented:
It looks like I've found the answer. I think it was firewall problem after all. Thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.