Ok.... I have been reading enough info on the internet to think that the following config is correct but I'm running a port scan that tells me that port 80 is still blocked. I can get out to the internet but I'm trying to setup a web server. The webserver is available on the inside network but not from the outside. I'm using a dynamic IP on the outside interface (will be changed later to a static once everything works) and I'm using a static IP on the internal network. What am I missing that will open port 80 to the outside? I would also like an explanation so I can learn as well. Thanks in advance. This site is the best.
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname RID_OUTER
!
enable password 7 xxxxxxxxxxxxxxxx
!
memory-size iomem 25
ip subnet-zero
!
!
no ip domain-lookup
ip domain-name xxxxxxx
ip dhcp excluded-address 10.x.x.1 10.x.x.100
!
ip dhcp pool 1
network 10.x.x.0 255.255.255.0
default-router 10.x.x.1
dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
!
ip inspect max-incomplete high 1100
ip inspect max-incomplete low 900
ip inspect one-minute high 1100
ip inspect one-minute low 900
ip inspect name FastEthernet_0 tcp
ip inspect name FastEthernet_0 smtp
ip inspect name FastEthernet_0 udp
ip audit notify log
ip audit po max-events 100
ip ssh time-out 120
ip ssh authentication-retries 3
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
ip mtu adjust
!
!
!
!
interface Ethernet0
description connected to Internet
no ip address
no keepalive
half-duplex
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet0
description connected to EthernetLAN
ip address 10.x.x.1 255.255.255.0
ip access-group 100 in
ip nat inside
ip inspect FastEthernet_0 in
ip tcp adjust-mss 1452
speed auto
!
interface Dialer1
description connected to Internet
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname xxxxxx
ppp chap password 7 xxxxx
ppp pap sent-username xxxx password 7 xxx
!
router rip
version 2
passive-interface Dialer1
network 10.0.0.0
no auto-summary
!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 10.x.x.100 80 interface Ethernet0 80
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
ip pim bidir-enable
!
!
!
!
access-list 1 permit 10.x.x.0 0.0.0.255
access-list 100 permit ip any any
access-list 101 permit tcp any any eq dialer-list 2 protocol ip permit
!
snmp-server community public RO
!
line con 0
exec-timeout 0 0
password 7 xxxxxx
login
line aux 0
line vty 0 4
password 7 xxx
login
!
no scheduler allocate
end
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname RID_OUTER
!
enable password 7 xxxxxxxxxxxxxxxx
!
memory-size iomem 25
ip subnet-zero
!
!
no ip domain-lookup
ip domain-name xxxxxxx
ip dhcp excluded-address 10.x.x.1 10.x.x.100
!
ip dhcp pool 1
network 10.x.x.0 255.255.255.0
default-router 10.x.x.1
dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
!
ip inspect max-incomplete high 1100
ip inspect max-incomplete low 900
ip inspect one-minute high 1100
ip inspect one-minute low 900
ip inspect name FastEthernet_0 tcp
ip inspect name FastEthernet_0 smtp
ip inspect name FastEthernet_0 udp
ip audit notify log
ip audit po max-events 100
ip ssh time-out 120
ip ssh authentication-retries 3
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
ip mtu adjust
!
!
!
!
interface Ethernet0
description connected to Internet
no ip address
no keepalive
half-duplex
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet0
description connected to EthernetLAN
ip address 10.x.x.1 255.255.255.0
ip access-group 100 in
ip nat inside
ip inspect FastEthernet_0 in
ip tcp adjust-mss 1452
speed auto
!
interface Dialer1
description connected to Internet
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip nat outside
encapsulation ppp
dialer pool 1
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname xxxxxx
ppp chap password 7 xxxxx
ppp pap sent-username xxxx password 7 xxx
!
router rip
version 2
passive-interface Dialer1
network 10.0.0.0
no auto-summary
!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 10.x.x.100 80 interface Ethernet0 80
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
ip pim bidir-enable
!
!
!
!
access-list 1 permit 10.x.x.0 0.0.0.255
access-list 100 permit ip any any
access-list 101 permit tcp any any eq dialer-list 2 protocol ip permit
!
snmp-server community public RO
!
line con 0
exec-timeout 0 0
password 7 xxxxxx
login
line aux 0
line vty 0 4
password 7 xxx
login
!
no scheduler allocate
end
