billyj1900
MIS
When I add access-list 111 for NAT I cannot SSH from the outside. If I remove ACL 111 I can SSH but cannot NAT. I changed access-list 111 to "access-list 111 permit ip any X.X.X.X" which I am not able to NAT.
I need to be able to NAT and SSH from the outside into the network. A snap shot of the config is posted below. Can someone tell me what I am missing?
interface FastEthernet1/0
description outside interface
ip address X.X.X.X 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect fwout in
ip virtual-reassembly
duplex auto
speed auto
ntp broadcast
no cdp enable
interface FastEthernet1/1
description inside interface to SW1a fa1/0/23
ip address 192.168.1.5 255.255.255.252
ip pim sparse-mode
ip nat inside
ip inspect fwout in
ip virtual-reassembly
duplex auto
speed auto
ip nat inside source list 111 interface FastEthernet1/0 overload
access-list 111 permit ip any any
I need to be able to NAT and SSH from the outside into the network. A snap shot of the config is posted below. Can someone tell me what I am missing?
interface FastEthernet1/0
description outside interface
ip address X.X.X.X 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect fwout in
ip virtual-reassembly
duplex auto
speed auto
ntp broadcast
no cdp enable
interface FastEthernet1/1
description inside interface to SW1a fa1/0/23
ip address 192.168.1.5 255.255.255.252
ip pim sparse-mode
ip nat inside
ip inspect fwout in
ip virtual-reassembly
duplex auto
speed auto
ip nat inside source list 111 interface FastEthernet1/0 overload
access-list 111 permit ip any any