Cisco 877 NAT issues

Hi,

I have a Cisco 877 router and it wont route between the LAN and WAN. I logged into the router and discovered that the router wasn't NAT/PAT'ing, as I could ping external ip addresses from the console of the router, but not from the network 192.168.1.0/24.

I know there is something wrong with my NAT/PAT config I just cant put my finger on it.
Could you guys please have a look at my config below and tell me what you think the issue could be.

Thanks

Mark
sh run
Building configuration...
 
Current configuration : 3311 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 
!
no aaa new-model
!
!
dot11 syslog
!
dot11 ssid wifi
   vlan 1
authentication open 
   authentication key-management wpa
   wpa-psk ascii 7 
!
ip cef
!
!
no ip domain lookup
!
!
!
username user privilege 15 secret 5 
! 
!
crypto isakmp policy 10
 hash md5
 authentication pre-share
 group 2
 lifetime 28800
!
crypto isakmp policy 11
 hash md5
 authentication pre-share
group 2
 lifetime 28800
crypto isakmp key (removed) address 10.10.10.10 no-xauth
crypto isakmp key (removed) address 10.10.10.11 no-xauth
!
!
crypto ipsec transform-set vpn1 esp-3des esp-md5-hmac 
crypto ipsec transform-set vpn2 esp-3des esp-md5-hmac 
!
crypto map tunnel1 10 ipsec-isakmp 
 description Tunnel to VPN1
 set peer 10.10.10.10
 set transform-set vpn1 
 match address 110
crypto map tunnel2 11 ipsec-isakmp 
 description Tunnel to VPN2
 set peer 10.10.10.11
 set transform-set vpn2 
 match address 111
!
archive
 log config
  hidekeys
!
!
!
!
!
interface ATM0
 description DSL operating
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no atm ilmi-keepalive
 dsl operating-mode auto 
!
interface ATM0.1 point-to-point
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 no ip mroute-cache
 pvc 8/35 
  encapsulation aal5mux ppp dialer
 dialer pool-member 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 no ip route-cache cef
 no ip route-cache
 shutdown
 !
 encryption vlan 1 mode ciphers tkip 
 !
 ssid dave
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
 world-mode dot11d country AU both
!
interface Vlan1
 ip address 192.168.1.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
!
interface Dialer1
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 2147483
 dialer-group 1
 no cdp enable
 ppp authentication pap callin
ppp chap hostname (removed)
 ppp chap password 7 (removed)
 ppp pap sent-username (removed)
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.1.0 255.255.255.0 Vlan1
!
ip http server
no ip http secure-server
ip nat source list 100 interface Dialer1 overload
!
access-list 100 deny   ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 deny   ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 deny   ip any any
access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 111 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 password 7 
 login
!
scheduler max-task-time 5000
end

Open in new window

LVL 6
mark_06Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Elwin3Commented:
Hi ,
I think the command should be:

ip nat inside source list 100 interface Dialer1 overload

try that.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.