Cisco 877 static routing to public IP - Need help please

[40000]

I have identical Cisco 877 routers on 2 seperate geographical networks, both connected to the internet with public static IP's, working fine......I need to route traffic between them but can't seem to get it right i.e. From router 1 (192.168.x.x) on public IP 1 - route 10.0.0.0 255.0.0.0 <public IP 2> and the other router 2 (10.x.x.x) on public IP 2 - route 192.168.0.0 255.255.0.0 <public IP 1>
From what I've read, this should work.
I'm not that familiar with Cisco so I'm hoping somebody with lots of knowledge can point me in the right direction. I would have thought that the receiving router must have something in its config to allow the inbound traffic but nobody mentions that anywhere.
Any knowlegeable help would be appreciated!!

 

[North323]

post scrubbed configs of both routers

 

[40000]

This is the config of the router on the 10.x.x.x network

Current configuration : 3568 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname London
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-4143683124
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4143683124
revocation-check none
rsakeypair TP-self-signed-4143683124
!
!
crypto pki certificate chain TP-self-signed-4143683124
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34313433 36383331 3234301E 170D3032 30333031 30303037
31375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31343336
38333132 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A732 C0B14F60 F8F26C25 62AA9771 8994ACCF EA575B0F A735CB88 2D105F1A
F96A3483 B7D96702 B0C11FB1 71ED9CF1 9AA6EB49 42A763E8 BDA29496 54805DDC
3263C976 6D331579 61CE3382 03730EC4 5104B39F 5181F862 156E9EB1 B274B008
68F8BE98 C7FF164F C692BEAA 64B43B4C 8585BA85 F9935E22 DA838729 96E4E7AC
26BB0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 174C6F6E 646F6E2E 7A697068 65617465 72732E63 6F2E756B
301F0603 551D2304 18301680 1423793B 1D157F22 0585C912 8E289EB9 2AE1767C
76301D06 03551D0E 04160414 23793B1D 157F2205 85C9128E 289EB92A E1767C76
300D0609 2A864886 F70D0101 04050003 818100A2 525AA758 C691A9C8 D3026727
BC8AF5FE 51BD09E5 6C5C1613 3C9459FA B981AD2D EC8B06F3 9437C5CF BEA8E69C
F4915245 B4C4BC59 8F04CF4D 793EB5FB 751F93E7 7F96E0D7 6AF5ED5E 2D66D33A
8CD2DB56 A0D06813 9DE6D228 E4566EC3 C430C1A9 89B34F9B DBD2FB79 738B1DBF
16950A63 C78AD86A CBE92A18 13509932 008F7E
quit
dot11 syslog
ip cef
!
!
ip domain name <masked>
ip name-server 213.171.192.170
ip name-server 213.172.193.170
!
!
!
username <masked> privilege 15 secret 5 $1$85s7$jkEqCGbhvZj5uganRpZfG1
username <masked> privilege 15 secret 5 $1$TWze$.sYTS9bbHR2UCSLKVTjMt/
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.44.1.254 255.255.0.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address XXX.XXX.XXX.XXX 255.255.255.252
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname <masked>
ppp chap password 0 <masked>
ppp pap sent-username <masked>
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0 permanent
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.44.0.0 0.0.255.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner login ^CCisco 877
London
^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

 

[40000]

This is the config of the 2nd router on the 192.x.x.x network

Current configuration : 3835 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname <masked>
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-1185869655
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1185869655
revocation-check none
rsakeypair TP-self-signed-1185869655
!
!
crypto pki certificate chain TP-self-signed-1185869655
certificate self-signed 01
30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31313835 38363936 3535301E 170D3032 30333031 30303037
31375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31383538
36393635 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81008C6D E4C78D27 E787BA4E D3F9BFA2 5EEDC625 DFD13D70 674F1B10 E50B0E41
1F010651 533F4449 1F2D4204 F20AE264 A0F59045 C2F8BE3D 15CF9ADE FF64E033
BC57B88C DA393F66 8C69A2E3 E5DB3CFD 5BC3B4EB 8AD5F2D6 3124E535 431379B4
132787E6 7D1EE587 176C32B3 5330CA9D 0F2F0E9A 700875D0 3286FAF2 CCCD1444
F3E10203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
551D1104 1C301A82 18446572 6568616D 2E7A6970 68656174 6572732E 636F2E75
6B301F06 03551D23 04183016 8014BE5B 5332DC0F 24A67895 D3E5B23A 1EE12574
4E1B301D 0603551D 0E041604 14BE5B53 32DC0F24 A67895D3 E5B23A1E E125744E
1B300D06 092A8648 86F70D01 01040500 03818100 4EFC3209 E5F1752C 765760B7
2C6047F4 0E39467E 274DCBFC 4D1D2871 B965F3AA A178558B 53524A8C 3EAD8A51
58C1B479 D62E8FB0 BF0D0CCC DBA4CD3E 6EF84382 5714FC0B 53712E89 149B1BE5
D2BC85D6 8A3AA99F B3DEA832 CBDFE1F6 950DBB91 B8A4AFB4 C4DA98DB 613AF518
E282F025 A6E816D6 B49BC6A6 F7A0BAC3 30E928E3
quit
dot11 syslog
ip cef
!
!
ip domain name <masked>
ip name-server 212.139.132.5
ip name-server 212.139.132.6
ip name-server 212.139.132.21
ip name-server 212.139.132.22
!
!
!
username <masked> privilege 15 secret 5 $1$6EpP$.Zb/rpqOdZgjjwIOXJPwD.
username <masked> privilege 15 secret 5 $1$sE3W$TzbE31TvNii8y3dffrr3l1
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer0
ip address 213.208.100.133 255.255.255.252
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname <masked>
ppp chap password 0 <masked>
ppp pap sent-username <masked>
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.0.0.0 255.0.0.0 <masked> permanent
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool <masked> 192.0.0.0 192.0.0.0 netmask 255.0.0.0
ip nat inside source list 2 interface Dialer0 overload
!
ip access-list extended Internet
remark Outgoing Internet
remark SDM_ACL Category=1
permit tcp any any
!
access-list 2 remark SDM_ACL Category=2
access-list 2 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner login ^CCisco 877
<masked>^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

Any help appreciated.

 

[North323]

you can do one of two things. you can use BGP to route between 2 AS groups or create a vpn tunnel between two end points

 

[Minue]

I guess your'e not running MPLS VPN with your ISP.So the only way is to do as North323 said an nice VPN site-to-site this can be easily done with Cisco SDM.If you don't want the headache go with a simple GRE tunnel and laer we can add IPSEC to it.Let us know your choice so we can give you guide lines.

Regards