Cisco Networking Issue

I installed a Cisco 3560 and it connects back to the home network and can use internal network resources but I can't get onto the internet using computers connected to the switch.   I can ping and traceroute to www.yahoo.com with no problems from the switch.  
Anyone have any ideals?
EvolutionzzAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Craig BeckCommented:
Can you post the config?
0
EvolutionzzAuthor Commented:
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname
!
boot-start-marker
boot-end-marker
!
enable secret 5
!
!
!
aaa new-model
!
!
aaa authentication login default group tacacs+ local-case
aaa authorization exec default group tacacs+ local
!
!
!
aaa session-id common
system mtu routing 1500
ip routing
!
!
!
!
crypto pki trustpoint TP-self-signed-664762496
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-664762496
 revocation-check none
 rsakeypair TP-self-signed-664762496
!
!
crypto pki certificate chain TP-self-signed-664762496
 certificate self-signed 01
  30820249 308201B2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 36363437 36323439 36301E17 0D393330 33303130 30303133
  365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3636 34373632
  34393630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  D6988C5A 2D8AEE1B F86DA499 2B6F89A0 7E6B6383 53F6CBA0 4129F448 C4C9F4CC
  D4F387AA 0D02AC5B 3FD44549 AA5C181C C256150E DF00EC84 04159F56 69A5B44B
  B71A7C83 31D235F7 97B47A1F 02BF85D3 F343708D 2E581C02 2595188F 3F2C4E28
  D83E1D1B 7996443A 00CF4B04 98F9F1D8 64D12485 1D10A6D4 DBC1109F 89CB3BA5
  02030100 01A37330 71300F06 03551D13 0101FF04 05300301 01FF301E 0603551D
  11041730 1582134F 50312D63 6F6D6D2D 70677374 61636B2D 312E301F 0603551D
  23041830 16801446 8875E27B 8439E089 E7601D63 E301BE8B E1811230 1D060355
  1D0E0416 04144688 75E27B84 39E089E7 601D63E3 01BE8BE1 8112300D 06092A86
  4886F70D 01010405 00038181 00BD8D45 D184285C 6604761B 75A1A2C9 3796444C
  951AF14F 95EE1E38 2FB9F03A 7E43D343 065094E9 8F58ED1B 6CBB8393 4D3607C0
  40D0FBFB 38074EA3 268CB11A 52499B22 864F4CE0 205FC4CB BE57B7AD CD4A6EA0
  A0710F1F C8F857A5 F85B246C 66CCA778 6279A680 7BDB37B2 A530D9DF A715417F
  0BE481CC 737533ED 8B3AEFA8 56
  quit
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface GigabitEthernet1/0/1
 no switchport
 ip address 10.106.158.105 255.255.255.252
!
interface GigabitEthernet1/0/2
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet1/0/24
 switchport access vlan 2
 spanning-tree portfast
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 10.107.200.65 255.255.255.192
 ip helper-address 10.106.173.10
!
!
router eigrp 1
 network 10.106.158.104 0.0.0.3
 network 10.107.200.64 0.0.0.63
 redistribute connected
 eigrp stub connected summary
!
ip default-gateway 10.106.158.105
no ip http server
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 10.106.158.106
ip http server
ip http secure-server
!
!
ip sla enable reaction-alerts
logging trap debugging
logging facility local1
logging source-interface Vlan1
logging

!
banner login ^CCC
 ** WARNING ** WARNING ** WARNING **
           UNAUTHORIZED ACCESS TO THIS SYSTEM IS STRICTLY PROHIBITED
 You are attempting to access a system that is restricted to SJH Network Support
 personnel only.  All system access is logged and monitored.  If you feel that
 you have reached this system by mistake, disconnect now.
 ^C
!
line con 0
line vty 0 4
 password
line vty 5 15
!
end
0
EvolutionzzAuthor Commented:
I left off some access list and logging IP's.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

AkinsdNetwork AdministratorCommented:
Is the trace route issued from the computer or the switch. My guess is, it's from the switch.

If it was on the computers, then it means the switch allows icmp traffic but is blocking http (port 80) or https (port 443) traffic

Check your access list
0
Craig BeckCommented:
I'd say it's actually an issue with routing or NAT on the router at 10.106.158.106.

Can you post the show ip eigrp neighbors output, and the show ip route output?
0
EvolutionzzAuthor Commented:
#sho ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   10.106.158.106          Gi1/0/1           12 05:11:17 1597  5000  0  661731
0
EvolutionzzAuthor Commented:
#sho ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 10.106.158.106 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 10.106.158.106
      4.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
D EX     4.42.180.0/23
           [170/569344] via 10.106.158.106, 05:13:02, GigabitEthernet1/0/1
D EX     4.42.180.0/24
           [170/3072] via 10.106.158.106, 05:13:08, GigabitEthernet1/0/1
D EX     4.42.183.0/24
           [170/569344] via 10.106.158.106, 05:13:06, GigabitEthernet1/0/1
      7.0.0.0/32 is subnetted, 1 subnets
D EX     7.128.250.23
           [170/3072] via 10.106.158.106, 05:13:08, GigabitEthernet1/0/1
      8.0.0.0/32 is subnetted, 3 subnets
D EX     8.192.1.94
           [170/569344] via 10.106.158.106, 05:13:06, GigabitEthernet1/0/1
D EX     8.192.1.95
           [170/569344] via 10.106.158.106, 05:13:06, GigabitEthernet1/0/1
D EX     8.192.160.95
           [170/569344] via 10.106.158.106, 05:13:06, GigabitEthernet1/0/1
      10.0.0.0/8 is variably subnetted, 1338 subnets, 20 masks
D EX     10.0.0.0/8
           [170/569344] via 10.106.158.106, 05:13:06, GigabitEthernet1/0/1
D EX     10.0.1.0/24
           [170/3072] via 10.106.158.106, 05:13:08, GigabitEthernet1/0/1
D EX     10.1.3.10/32
           [170/3072] via 10.106.158.106, 05:13:08, GigabitEthernet1/0/1
D EX     10.2.0.0/16
 --More--
a lot more routes
0
Craig BeckCommented:
Routing looks good.  What type of router is providing internet access?
0
EvolutionzzAuthor Commented:
I found out that a Palo Alto Firewall is blocking my subnets.  Thats for all your comments.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
EvolutionzzAuthor Commented:
I found out the issue myself.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.