ACL incorrect NAT inside source list NAT source setting 1 HQ#show run Building configuration... Current configuration : 1816 bytes ! version 15.1 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname HQ ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! username ISP password 0 cisco username admin privilege 15 secret 5 $1$mERr$89oFbVUY9tU/mdjv3ClG3. ! ! license udi pid CISCO2911/K9 sn FTX1524X107 ! ! ! ! ! ! ! ! ! ! ! spanning-tree mode pvst ! ! ! ! ! ! interface Tunnel0 ip address 192.168.1.1 255.255.255.252 mtu 1476 tunnel source Serial0/0/0 tunnel destination 10.0.0.2 ! ! interface Tunnel1 ip address 192.168.1.5 255.255.255.252 mtu 1476 tunnel source Serial0/0/0 tunnel destination 10.0.0.3 ! ! interface Virtual-Template1 ppp chap hostname ISP ppp chap password 0 0 cisco ! interface GigabitEthernet0/0 no ip address duplex auto speed auto shutdown ! interface GigabitEthernet0/1 no ip address duplex auto speed auto shutdown ! interface GigabitEthernet0/2 no ip address duplex auto speed auto shutdown ! interface Serial0/0/0 description Link to Frame Relay Full Mesh ip address 10.0.0.1 255.255.255.248 encapsulation frame-relay frame-relay map ip 10.0.0.2 102 broadcast frame-relay map ip 10.0.0.3 103 broadcast frame-relay lmi-type ansi ip nat inside ! interface Serial0/0/1 description Link to ISP ip address 209.165.201.2 255.255.255.252 encapsulation ppp ppp authentication chap ip nat outside ! interface Vlan1 no ip address shutdown ! router eigrp 100 redistribute static network 10.0.0.0 ! ip nat inside source list 1 interface Serial0/0/1 overload ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0/1 ! ip flow-export version 9 ! ! access-list 1 permit 10.0.0.0 0.255.255.255 ! no cdp run ! banner motd ^CAUTHORIZED ACCESS ONLY^^C ! ! ! ! line con 0 exec-timeout 0 0 login ! line aux 0 ! line vty 0 4 login local ! ! ! end HQ# ********************************************************** R1# R1#show run Building configuration... Current configuration : 1355 bytes ! version 15.1 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname R1 ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! ! license udi pid CISCO1941/K9 sn FTX15247QA4 ! ! ! ! ! ! ! ! ! ! ! spanning-tree mode pvst ! ! ! ! ! ! interface Tunnel0 ip address 192.168.1.6 255.255.255.252 mtu 1476 tunnel source Serial0/0/0 tunnel destination 10.0.0.1 ! ! interface Tunnel1 ip address 192.168.1.9 255.255.255.252 mtu 1476 tunnel source Serial0/0/0 tunnel destination 10.0.0.2 ! ! interface GigabitEthernet0/0 ip address 10.1.150.1 255.255.255.0 duplex auto speed auto ! interface GigabitEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0/0 description Link to Frame Relay Full Mesh ip address 10.0.0.3 255.255.255.248 encapsulation frame-relay frame-relay map ip 10.0.0.1 301 broadcast frame-relay map ip 10.0.0.2 302 broadcast frame-relay lmi-type ansi no frame-relay inverse-arp ! interface Serial0/0/1 no ip address clock rate 2000000 ! interface Vlan1 no ip address shutdown ! router eigrp 100 passive-interface GigabitEthernet0/0 network 10.0.0.0 ! ip classless ! ip flow-export version 9 ! ! ! no cdp run ! banner motd ^CAUTHORIZED ACCESS ONLY^^C ! ! ! ! line con 0 exec-timeout 0 0 login ! line aux 0 ! line vty 0 4 login ! ! ! end R1# ************************************************************ R2#show run Building configuration... Current configuration : 1350 bytes ! version 15.1 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname R2 ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! ! license udi pid CISCO1941/K9 sn FTX1524CZ2X ! ! ! ! ! ! ! ! ! ! ! spanning-tree mode pvst ! ! ! ! ! ! interface Tunnel0 ip address 192.168.1.2 255.255.255.252 mtu 1476 tunnel source Serial0/0/0 tunnel destination 10.0.0.1 ! ! interface Tunnel1 ip address 192.168.1.10 255.255.255.252 mtu 1476 tunnel source Serial0/0/0 tunnel destination 10.0.0.3 ! ! interface GigabitEthernet0/0 description WEST LAN ip address 10.1.100.1 255.255.255.0 duplex auto speed auto ! interface GigabitEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0/0 description Link to Frame Relay Full Mesh ip address 10.0.0.2 255.255.255.248 encapsulation frame-relay frame-relay map ip 10.0.0.1 201 broadcast frame-relay map ip 10.0.0.3 203 broadcast frame-relay lmi-type ansi ! interface Serial0/0/1 no ip address clock rate 2000000 ! interface Vlan1 no ip address shutdown ! router eigrp 100 passive-interface GigabitEthernet0/0 network 10.0.0.0 ! ip classless ! ip flow-export version 9 ! ! ! no cdp run ! banner motd ^CAUTHORIZED ACCESS ONLY^^C ! ! ! ! line con 0 exec-timeout 0 0 login ! line aux 0 ! line vty 0 4 login ! ! ! end R2# ********************************************************** S2#show run Building configuration... Current configuration : 1039 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname S2 ! ! ! ! ! spanning-tree mode pvst ! interface FastEthernet0/1 ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address shutdown ! ! ! ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end S2# ************************************************************ S1>enable S1#show run Building configuration... Current configuration : 1039 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname S1 ! ! ! ! ! spanning-tree mode pvst ! interface FastEthernet0/1 ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address shutdown ! ! ! ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end S1# *********************************************************** PC1: PC>ipconfig FastEthernet0 Connection:(default port) Link-local IPv6 Address.........: :: IP Address......................: 10.1.150.10 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 10.1.150.1 PC> *********************************************************** PC2: PC>ipconfig FastEthernet0 Connection:(default port) Link-local IPv6 Address.........: :: IP Address......................: 10.1.100.10 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 10.1.100.1 PC> *********************************************************** Web Server: FastEthernet0 Connection:(default port) Link-local IPv6 Address.........: FE80::205:5EFF:FEEE:59A IP Address......................: 209.165.200.226 Subnet Mask.....................: 255.255.255.252 Default Gateway.................: 209.165.200.225 SERVER>