Modem - Router Connection

[code:1]#ip access-list extended NAT
10 permit ip 192.168.0.0 0.0.0.255 any
exit

#interface fastethernet0
description WAN
ip address dhcp
ip nat outside
exit


#interface fastethernet1
ip address 192.168.0.222 255.255.255.0
vlan 1
ip nat inside
ip helper-address 192.168.0.3
exit

#ip nat inside source list NAT interface fastethernet0 overload

#ip dhcp pool dhcp
network 192.168.0.0 255.255.255.0
dns-server 8.8.8.8 8.8.4.4
default-router 192.168.0.222
exit

#ip route 0.0.0.0 0.0.0.0 Fastethernet0
[/code:1]


Apparently, this is my config. My modem is connected to FE0 of my router and is set to obtain IP add from my modem(isp). Now, Im not sure if this is the correct config. Can you please confirm?

It might be easier to work out if you tell us what you think is wrong! Are you getting error messages or some other reason to suspect an error? Do you have the config info for the ISP modem? It might make fault finding a bit easier.

In the following line:

[code:1]10 permit ip 192.168.0.0 0.0.0.255 any[/code:1]

Are you sure that the router accepts the 10 before the permit. I don't recall seeing it writen this way.

Other than that (and neglecting the # signs above) , I can't seam to find the a problem. Tell us what the symptoms are.

In the following line:

[code:1]10 permit ip 192.168.0.0 0.0.0.255 any[/code:1]

Are you sure that the router accepts the 10 before the permit. I don't recall seeing it writen this way.

Other than that (and neglecting the # signs above) , I can't seam to find the a problem. Tell us what the symptoms are.

the 10 is acceptable, the beauty of IP access-lists other than that you can name them, is you can insert your rules anywhere by putting the sequence number at the start of the line (if you miss is, it adds it at the end, if you put in several rules at once without a number, it just increaments it by 10 from the last sequence number)

useful command for named access lists incase you add a new rule in the middle of the ACL;

ip access-list resequence <name> <start value> <increament value>


The config on Fastethernet1 dosnt look quite right... not sure what the "vlan 1" command is for;

1) thats not how you specify a vlan for an interface ("switchport access vlan 1" is the correct command")
2) vlan's can only be a switchports, not L3 interfaces, but there is an IP address specified - you can't specify a VLAN and an IP address on the same interface

[code:1]#interface fastethernet1
ip address 192.168.0.222 255.255.255.0
vlan 1
ip nat inside
ip helper-address 192.168.0.3
exit [/code:1]

What model number router is this? it looks like a SOHO router from the way the commands are layed out (800/850 series?) Usually on these routers, you specify the fastethernet1 interface as a switchport, and then apply the IP to a SVI, i have a 851 router at home and the following is my config;

[code:1]interface FastEthernet1
description inside
switchport mode access
switchport access vlan 1
!
interface Vlan1
description inside
ip address 172.24.1.1 255.255.255.0
ip nat inside
no ip virtual-reassembly
ip route-cache flow[/code:1]

If you could provide a bit more information, what the problem is? maybe the output from the command's;
"show version"
"show ip interface brief"

the 10 is acceptable, the beauty of IP access-lists other than that you can name them, is you can insert your rules anywhere by putting the sequence number at the start of the line (if you miss is, it adds it at the end, if you put in several rules at once without a number, it just increaments it by 10 from the last sequence number)

Never knew that JamieP, thanks!!

Never knew that JamieP, thanks!!

not a problem. i'm in the proccess of changing all ACL's at work to named IP ACL's - you can tell what they are from the name, not just a number, and you can add/remove a rule without having to re-create the whole ACL