Not so Noob (at least I like to think so) here in need of help. There has got to be something simple I'm missing. I have a network that's a little convoluted, so please bare with me. Short explanation: I'm having a Routing issue between two different networks. Network1 is using EIGRP for the internal routing protocol and Network2 is using OSPF. I have no control over Network2, I actually have to submit change request to a third party company in order to get my changes completed. Network1 consist of an working Internet connection to a Cisco 2821, which is in turn connected via dot1q encapsulated subinterfaces and ethernet to a Cisco 2924 switch with a dot1q trunked port. The 2924XL switch is then connected to a Cisco 2621 Router (I do have control of this router as well). The Cisco 2621 router is the Interconnect point between the two separately managed networks. The Cisco 2621 router of Network1 is then connected to a Cisco 4506 Layer-3 switch. This Cisco 4506 Layer-3 switch is then connected to a Vyatta OSPF ring. I then have a pc connected somewhere along this ring, that I should have data connectivity too. I only tell you this last part for reference. I believe my routing issue is at the Cisco 2621 Router. I do have connectivity from the 2801 to the 2621, however I'm not able to pass data from the Cisco 2801 Router to the second interface on the 2621 router that is connected to the 4506. I've check that the interface is up and I'm able to ping from the 2621 router all the way through the Vyatta OSPF ring to my pc on the other side. I just can't seem to cross the 2621 router. The Strangest thing is, the pc that is connected to the OSPF ring is able to send a rtsp video stream all the way through to a server connected to Network1's 2924 on a different subnet that gets created by the 2821. I've attach the configs of the 2801 and the 2621 routers so that someone can point me in the right direction.
2821 ROUTER CONFIG
------------------
Building configuration...
Current configuration : 17143 bytes
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service pt-vty-logging
service sequence-numbers
!
hostname 2821-sr1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable :::::::::::::::::::::::::::::::
!
clock timezone MDST -5
clock summer-time MDST date Apr 6 2003 2:00 Oct 26 2003 2:00
no network-clock-participate aim 0
no network-clock-participate aim 1
aaa new-model
!
!
aaa authentication login AAA local-case line
aaa session-id common
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
!
!
ip tftp source-interface Loopback0
no ip bootp server
no ip domain lookup
no ftp-server write-enable
!
username ::::::::::::::::::::::::::::::::::
!
!
!
interface Loopback0
description SR1 LoopBack
ip address 10.22.22.1 255.255.255.255
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address xxx.xxx.xxx.241 255.255.255.248
ip access-group 101 in
ip nat outside
no ip route-cache cef
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1
description DLink-2-2924Sw1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex full
speed 100
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1.103
description VLAN 103
encapsulation dot1Q 103
ip address 10.33.33.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.104
description VLAN 104
encapsulation dot1Q 104
ip address 10.44.44.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.105
description VLAN 105
encapsulation dot1Q 105
ip address 10.55.55.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
ip nat inside
no cdp enable
!
interface GigabitEthernet0/1.107
description VLAN 107
encapsulation dot1Q 107
ip address 10.77.77.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.108
description VLAN 108
encapsulation dot1Q 108
ip address 10.88.88.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
ip nat inside
no cdp enable
!
interface GigabitEthernet0/1.113
description Network-Mgmt - Network Mgmt VLAN 113
encapsulation dot1Q 113 native
ip address 10.113.113.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.120
description VLAN 120
encapsulation dot1Q 120
ip address 10.120.120.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no cdp enable
!
interface GigabitEthernet0/1.200
description static route to 2621-SR2 - VLAN 200
encapsulation dot1Q 200
ip address 10.200.200.6 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
!
router eigrp 100
redistribute connected
redistribute static
network 10.22.22.0 0.0.0.255
network 10.33.33.0 0.0.0.255
network 10.44.44.0 0.0.0.255
network 10.55.55.0 0.0.0.255
network 10.77.77.0 0.0.0.255
network 10.88.88.0 0.0.0.255
network 10.113.113.0 0.0.0.255
network 10.120.120.0 0.0.0.255
network 10.200.200.0 0.0.0.7
neighbor 10.200.200.1 GigabitEthernet0/1.200
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 xxx.xxx.xxx.246
ip route 10.1.1.0 255.255.255.248 10.200.200.1
ip route 10.120.111.0 255.255.255.0 10.200.200.1
ip route 10.120.121.0 255.255.255.0 10.200.200.1
ip route 10.120.131.0 255.255.255.0 10.200.200.1
ip route 10.201.201.0 255.255.255.248 10.200.200.1
no ip http server
ip nat pool Z111 10.120.111.111 10.120.111.111 netmask 255.255.255.0 type rotary
ip nat pool Z141 10.120.111.141 10.120.111.141 netmask 255.255.255.0 type rotary
ip nat pool Z121 10.120.121.121 10.120.121.121 netmask 255.255.255.0 type rotary
ip nat pool Z131 10.120.131.131 10.120.131.131 netmask 255.255.255.0 type rotary
ip nat pool Z151 10.120.120.151 10.120.120.151 netmask 255.255.255.0 type rotary
ip nat pool Z161 10.120.120.161 10.120.120.161 netmask 255.255.255.0 type rotary
ip nat pool Z171 10.120.120.171 10.120.120.171 netmask 255.255.255.0 type rotary
ip nat pool Z181 10.120.120.181 10.120.120.181 netmask 255.255.255.0 type rotary
ip nat pool Z191 10.120.120.191 10.120.120.191 netmask 255.255.255.0 type rotary
ip nat pool Z2241 10.120.120.241 10.120.120.241 netmask 255.255.255.0 type rotary
ip nat pool Z2201 10.120.120.201 10.120.120.201 netmask 255.255.255.0 type rotary
ip nat pool Z2211 10.120.120.211 10.120.120.211 netmask 255.255.255.0 type rotary
ip nat pool Z2221 10.120.120.221 10.120.120.221 netmask 255.255.255.0 type rotary
ip nat pool Z2231 10.120.120.231 10.120.120.231 netmask 255.255.255.0 type rotary
ip nat pool P2219 10.120.120.219 10.120.120.219 netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 10.120.120.207 80 interface GigabitEthernet0/0 3207
ip nat inside source static tcp 10.120.120.235 80 interface GigabitEthernet0/0 3235
ip nat inside source static tcp 10.120.120.233 80 interface GigabitEthernet0/0 3233
ip nat inside source static tcp 10.120.120.225 80 interface GigabitEthernet0/0 3225
ip nat inside source static tcp 10.120.120.223 80 interface GigabitEthernet0/0 3223
ip nat inside source static tcp 10.120.120.215 80 interface GigabitEthernet0/0 3215
ip nat inside source static tcp 10.120.120.213 80 interface GigabitEthernet0/0 3213
ip nat inside source static tcp 10.120.120.205 80 interface GigabitEthernet0/0 3205
ip nat inside source static tcp 10.120.120.203 80 interface GigabitEthernet0/0 3203
ip nat inside source static 10.33.33.10 xxx.xxx.xxx.242
ip nat inside source static 10.33.33.11 xxx.xxx.xxx.243 extendable
ip nat inside source static 10.33.33.12 xxx.xxx.xxx.244 extendable
ip nat inside source static 10.33.33.15 xxx.xxx.xxx.245 extendable
ip nat inside destination list 111 pool Z111
ip nat inside destination list 121 pool Z121
ip nat inside destination list 131 pool Z131
ip nat inside destination list 141 pool Z141
ip nat inside destination list 151 pool Z151
ip nat inside destination list 161 pool Z161
ip nat inside destination list 171 pool Z171
ip nat inside destination list 181 pool Z181
ip nat inside destination list 191 pool Z191
ip nat inside destination list 2201 pool Z2201
ip nat inside destination list 2211 pool Z2211
ip nat inside destination list 2219 pool P2219
ip nat inside destination list 2221 pool Z2221
ip nat inside destination list 2231 pool Z2231
ip nat inside destination list 2241 pool Z2241
!
!
logging history debugging
logging trap debugging
logging source-interface Loopback0
logging 123.123.123.123
access-list 1 permit 10.33.33.0 0.0.0.255
access-list 1 permit 10.44.44.0 0.0.0.255
access-list 1 permit 10.55.55.0 0.0.0.255
access-list 1 permit 10.77.77.0 0.0.0.255
access-list 1 permit 10.88.88.0 0.0.0.255
access-list 1 permit 10.120.120.0 0.0.0.255 log
access-list 1 permit 10.200.200.0 0.0.0.255 log
access-list 1 permit 10.201.201.0 0.0.0.255 log
access-list 1 permit 10.120.111.0 0.0.0.255 log
access-list 1 permit 10.120.121.0 0.0.0.255 log
access-list 1 permit 10.120.131.0 0.0.0.255 log
access-list 12 permit 10.33.33.10
access-list 12 permit 123.123.123.123
access-list 12 permit 123.123.123.123
access-list 15 permit any log
access-list 50 remark Internal-NTP-Access-List
access-list 50 permit 10.120.120.12 log
access-list 50 permit 10.120.120.13 log
access-list 50 permit 10.113.113.2 log
access-list 50 permit 10.113.113.1 log
access-list 50 permit 10.120.120.253 log
access-list 50 deny any log
access-list 51 remark External-NTP-Access-List
access-list 51 permit 123.123.123.123 log
access-list 51 deny any log
access-list 99 permit 123.123.123.123 log
access-list 99 permit 123.123.123.123 log
access-list 99 permit 10.33.33.0 0.0.0.255 log
access-list 99 permit 207.111.161.0 0.0.0.255 log
access-list 99 permit 10.113.113.0 0.0.0.255 log
access-list 99 permit 10.120.120.0 0.0.0.255 log
access-list 99 permit 10.200.200.0 0.0.0.255 log
access-list 99 permit 10.201.201.0 0.0.0.255 log
access-list 99 permit 10.120.111.0 0.0.0.255 log
access-list 99 permit 10.120.121.0 0.0.0.255 log
access-list 99 permit 10.120.131.0 0.0.0.255 log
access-list 99 deny any log
access-list 101 deny udp any any eq tftp log-input
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any packet-too-big
access-list 101 permit icmp any any time-exceeded
access-list 101 deny icmp any any
access-list 101 deny udp any any eq 1434
access-list 101 deny tcp any any eq 1433 log-input
access-list 101 deny tcp any any eq 2025 log-input
access-list 101 deny tcp any any eq 2556
access-list 101 deny tcp any any eq 2745
access-list 101 deny udp any any eq 445
access-list 101 deny tcp any any eq 445
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq 135
access-list 101 deny tcp any any eq 135
access-list 101 deny tcp any any eq 901 log-input
access-list 101 deny tcp any any range 6000 6009 log-input
access-list 101 deny udp any any eq 2049 log-input
access-list 101 deny udp any any eq sunrpc log-input
access-list 101 deny tcp any any eq sunrpc log-input
access-list 101 deny udp any any eq 4045 log-input
access-list 101 deny tcp any any eq lpd log-input
access-list 101 permit udp 123.123.123.123 0.0.0.1 any eq snmp
access-list 101 permit udp 123.123.123.123 0.0.0.1 any eq 163 log-input
access-list 101 deny udp any any eq snmp log-input
access-list 101 deny udp any any eq snmptrap log-input
access-list 101 permit gre any any log
access-list 101 permit ip any any
access-list 101 permit tcp any any established
access-list 111 remark Access-List for MB-Z
access-list 111 permit tcp any host xxx.xxx.xxx.241 range 1900 1999
access-list 121 remark Access-List for MCD-Z
access-list 121 permit tcp any host xxx.xxx.xxx.241 range 2100 2199
access-list 131 remark Access-List for LB-Z
access-list 131 permit tcp any host xxx.xxx.xxx.241 range 2000 2099
access-list 141 remark Access-List for TN-Z
access-list 141 permit tcp any host xxx.xxx.xxx.241 range 1800 1899
access-list 151 remark Access-List for BG-Z
access-list 151 permit tcp any host xxx.xxx.xxx.241 range 2200 2299
access-list 161 remark Access-List for SL_Z
access-list 161 permit tcp any host xxx.xxx.xxx.241 range 2300 2399
access-list 171 remark Access-List for FM-Z
access-list 171 permit tcp any host xxx.xxx.xxx.241 range 2400 2499
access-list 181 remark Access-List for D-Z
access-list 181 permit tcp any host xxx.xxx.xxx.241 range 2500 2599
access-list 191 remark Access-List for FMR-Z
access-list 191 permit tcp any host xxx.xxx.xxx.241 range 2600 2699
access-list 2201 remark Access-List for BP-Z
access-list 2201 permit tcp any host xxx.xxx.xxx.241 range 2700 2799
access-list 2211 remark Access-List for CB-Z
access-list 2211 permit tcp any host xxx.xxx.xxx.241 range 2800 2899
access-list 2219 remark Access-List for CB-PA
access-list 2219 permit tcp any host xxx.xxx.xxx.241 range 20000 30999
access-list 2221 remark Access-List for P-Z
access-list 2221 permit tcp any host xxx.xxx.xxx.241 range 2900 2999
access-list 2231 remark Access-List for GSPP-Z
access-list 2231 permit tcp any host xxx.xxx.xxx.241 range 4000 4099
access-list 2241 remark Access-List for TP-Z
access-list 2241 permit tcp any host xxx.xxx.xxx.241 range 4100 4199
access-list 2500 permit ip any any log
snmp-server community read RO 12
snmp-server location NOC
snmp-server contact sysadmin
snmp-server chassis-id sdrgthyjytjnn
snmp-server enable traps tty
!
control-plane
!
banner exec ^CConnected to $(hostname).$(domain) on $(line-desc) $(line).
use of this system constitutes your consent to monitoring.^C
banner motd ^CNOTICE TO USERS^C
!
line con 0
exec-timeout 30 0
login authentication AAA
line aux 0
exec-timeout 0 0
line vty 0 4
access-class 99 in
exec-timeout 30 0
login authentication AAA
transport input telnet
line vty 5 15
access-class 99 in
exec-timeout 30 0
login authentication AAA
transport input telnet
!
scheduler allocate 20000 1000
ntp logging
ntp clock-period 17179931
ntp access-group query-only 50
ntp access-group serve-only 51
ntp server 0.pool.ntp.org source GigabitEthernet0/0 prefer
!
end
2621 ROUTER CONFIG
-------------------
Building configuration...
Current configuration : 2086 bytes
!
version 12.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service pt-vty-logging
service sequence-numbers
!
hostname 2621-SR2
!
logging buffered 8192 debugging
aaa new-model
aaa authentication login AAA local line
enable :::::::::::::::::::::::::::::::
!
username :::::::::::::::::::::::::::::::::::::
clock timezone CDST -6
clock summer-time CDST date Mar 11 2012 2:00 Nov 4 2012 2:00
ip subnet-zero
!
!
!
ip cef
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.202.202.1 255.255.255.255
!
interface FastEthernet0/0
description uplink to 4506-L3-Sw1
ip address 10.201.201.6 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1
description Uplink to 2924Sw1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.200
encapsulation dot1Q 200 native
ip address 10.200.200.1 255.255.255.248
!
router eigrp 100
redistribute connected
redistribute static
network 10.200.200.0 0.0.0.7
network 10.201.201.0 0.0.0.7
network 10.202.202.1 0.0.0.0
auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.200.200.6 permanent
ip route 10.1.1.0 255.255.255.248 10.201.201.1
ip route 10.33.33.0 255.255.255.0 10.200.200.6
ip route 10.113.113.0 255.255.255.0 10.200.200.6
ip route 10.120.111.0 255.255.255.0 10.201.201.1
ip route 10.120.120.0 255.255.255.0 10.200.200.6
ip route 10.120.121.0 255.255.255.0 10.201.201.1
ip route 10.120.131.0 255.255.255.0 10.201.201.1
ip http server
!
logging history debugging
logging facility local5
access-list 15 permit any log
access-list 100 permit ip any any log
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
access-class 99 in
exec-timeout 15 0
login authentication AAA
line vty 5 15
access-class 99 in
exec-timeout 15 0
login authentication AAA
!
end
Thanks for any and all help!
2821 ROUTER CONFIG
------------------
Building configuration...
Current configuration : 17143 bytes
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service pt-vty-logging
service sequence-numbers
!
hostname 2821-sr1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable :::::::::::::::::::::::::::::::
!
clock timezone MDST -5
clock summer-time MDST date Apr 6 2003 2:00 Oct 26 2003 2:00
no network-clock-participate aim 0
no network-clock-participate aim 1
aaa new-model
!
!
aaa authentication login AAA local-case line
aaa session-id common
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
!
!
ip tftp source-interface Loopback0
no ip bootp server
no ip domain lookup
no ftp-server write-enable
!
username ::::::::::::::::::::::::::::::::::
!
!
!
interface Loopback0
description SR1 LoopBack
ip address 10.22.22.1 255.255.255.255
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address xxx.xxx.xxx.241 255.255.255.248
ip access-group 101 in
ip nat outside
no ip route-cache cef
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1
description DLink-2-2924Sw1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex full
speed 100
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1.103
description VLAN 103
encapsulation dot1Q 103
ip address 10.33.33.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.104
description VLAN 104
encapsulation dot1Q 104
ip address 10.44.44.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.105
description VLAN 105
encapsulation dot1Q 105
ip address 10.55.55.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
ip nat inside
no cdp enable
!
interface GigabitEthernet0/1.107
description VLAN 107
encapsulation dot1Q 107
ip address 10.77.77.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.108
description VLAN 108
encapsulation dot1Q 108
ip address 10.88.88.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
ip nat inside
no cdp enable
!
interface GigabitEthernet0/1.113
description Network-Mgmt - Network Mgmt VLAN 113
encapsulation dot1Q 113 native
ip address 10.113.113.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
no cdp enable
!
interface GigabitEthernet0/1.120
description VLAN 120
encapsulation dot1Q 120
ip address 10.120.120.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no cdp enable
!
interface GigabitEthernet0/1.200
description static route to 2621-SR2 - VLAN 200
encapsulation dot1Q 200
ip address 10.200.200.6 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
!
router eigrp 100
redistribute connected
redistribute static
network 10.22.22.0 0.0.0.255
network 10.33.33.0 0.0.0.255
network 10.44.44.0 0.0.0.255
network 10.55.55.0 0.0.0.255
network 10.77.77.0 0.0.0.255
network 10.88.88.0 0.0.0.255
network 10.113.113.0 0.0.0.255
network 10.120.120.0 0.0.0.255
network 10.200.200.0 0.0.0.7
neighbor 10.200.200.1 GigabitEthernet0/1.200
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 xxx.xxx.xxx.246
ip route 10.1.1.0 255.255.255.248 10.200.200.1
ip route 10.120.111.0 255.255.255.0 10.200.200.1
ip route 10.120.121.0 255.255.255.0 10.200.200.1
ip route 10.120.131.0 255.255.255.0 10.200.200.1
ip route 10.201.201.0 255.255.255.248 10.200.200.1
no ip http server
ip nat pool Z111 10.120.111.111 10.120.111.111 netmask 255.255.255.0 type rotary
ip nat pool Z141 10.120.111.141 10.120.111.141 netmask 255.255.255.0 type rotary
ip nat pool Z121 10.120.121.121 10.120.121.121 netmask 255.255.255.0 type rotary
ip nat pool Z131 10.120.131.131 10.120.131.131 netmask 255.255.255.0 type rotary
ip nat pool Z151 10.120.120.151 10.120.120.151 netmask 255.255.255.0 type rotary
ip nat pool Z161 10.120.120.161 10.120.120.161 netmask 255.255.255.0 type rotary
ip nat pool Z171 10.120.120.171 10.120.120.171 netmask 255.255.255.0 type rotary
ip nat pool Z181 10.120.120.181 10.120.120.181 netmask 255.255.255.0 type rotary
ip nat pool Z191 10.120.120.191 10.120.120.191 netmask 255.255.255.0 type rotary
ip nat pool Z2241 10.120.120.241 10.120.120.241 netmask 255.255.255.0 type rotary
ip nat pool Z2201 10.120.120.201 10.120.120.201 netmask 255.255.255.0 type rotary
ip nat pool Z2211 10.120.120.211 10.120.120.211 netmask 255.255.255.0 type rotary
ip nat pool Z2221 10.120.120.221 10.120.120.221 netmask 255.255.255.0 type rotary
ip nat pool Z2231 10.120.120.231 10.120.120.231 netmask 255.255.255.0 type rotary
ip nat pool P2219 10.120.120.219 10.120.120.219 netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 10.120.120.207 80 interface GigabitEthernet0/0 3207
ip nat inside source static tcp 10.120.120.235 80 interface GigabitEthernet0/0 3235
ip nat inside source static tcp 10.120.120.233 80 interface GigabitEthernet0/0 3233
ip nat inside source static tcp 10.120.120.225 80 interface GigabitEthernet0/0 3225
ip nat inside source static tcp 10.120.120.223 80 interface GigabitEthernet0/0 3223
ip nat inside source static tcp 10.120.120.215 80 interface GigabitEthernet0/0 3215
ip nat inside source static tcp 10.120.120.213 80 interface GigabitEthernet0/0 3213
ip nat inside source static tcp 10.120.120.205 80 interface GigabitEthernet0/0 3205
ip nat inside source static tcp 10.120.120.203 80 interface GigabitEthernet0/0 3203
ip nat inside source static 10.33.33.10 xxx.xxx.xxx.242
ip nat inside source static 10.33.33.11 xxx.xxx.xxx.243 extendable
ip nat inside source static 10.33.33.12 xxx.xxx.xxx.244 extendable
ip nat inside source static 10.33.33.15 xxx.xxx.xxx.245 extendable
ip nat inside destination list 111 pool Z111
ip nat inside destination list 121 pool Z121
ip nat inside destination list 131 pool Z131
ip nat inside destination list 141 pool Z141
ip nat inside destination list 151 pool Z151
ip nat inside destination list 161 pool Z161
ip nat inside destination list 171 pool Z171
ip nat inside destination list 181 pool Z181
ip nat inside destination list 191 pool Z191
ip nat inside destination list 2201 pool Z2201
ip nat inside destination list 2211 pool Z2211
ip nat inside destination list 2219 pool P2219
ip nat inside destination list 2221 pool Z2221
ip nat inside destination list 2231 pool Z2231
ip nat inside destination list 2241 pool Z2241
!
!
logging history debugging
logging trap debugging
logging source-interface Loopback0
logging 123.123.123.123
access-list 1 permit 10.33.33.0 0.0.0.255
access-list 1 permit 10.44.44.0 0.0.0.255
access-list 1 permit 10.55.55.0 0.0.0.255
access-list 1 permit 10.77.77.0 0.0.0.255
access-list 1 permit 10.88.88.0 0.0.0.255
access-list 1 permit 10.120.120.0 0.0.0.255 log
access-list 1 permit 10.200.200.0 0.0.0.255 log
access-list 1 permit 10.201.201.0 0.0.0.255 log
access-list 1 permit 10.120.111.0 0.0.0.255 log
access-list 1 permit 10.120.121.0 0.0.0.255 log
access-list 1 permit 10.120.131.0 0.0.0.255 log
access-list 12 permit 10.33.33.10
access-list 12 permit 123.123.123.123
access-list 12 permit 123.123.123.123
access-list 15 permit any log
access-list 50 remark Internal-NTP-Access-List
access-list 50 permit 10.120.120.12 log
access-list 50 permit 10.120.120.13 log
access-list 50 permit 10.113.113.2 log
access-list 50 permit 10.113.113.1 log
access-list 50 permit 10.120.120.253 log
access-list 50 deny any log
access-list 51 remark External-NTP-Access-List
access-list 51 permit 123.123.123.123 log
access-list 51 deny any log
access-list 99 permit 123.123.123.123 log
access-list 99 permit 123.123.123.123 log
access-list 99 permit 10.33.33.0 0.0.0.255 log
access-list 99 permit 207.111.161.0 0.0.0.255 log
access-list 99 permit 10.113.113.0 0.0.0.255 log
access-list 99 permit 10.120.120.0 0.0.0.255 log
access-list 99 permit 10.200.200.0 0.0.0.255 log
access-list 99 permit 10.201.201.0 0.0.0.255 log
access-list 99 permit 10.120.111.0 0.0.0.255 log
access-list 99 permit 10.120.121.0 0.0.0.255 log
access-list 99 permit 10.120.131.0 0.0.0.255 log
access-list 99 deny any log
access-list 101 deny udp any any eq tftp log-input
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any packet-too-big
access-list 101 permit icmp any any time-exceeded
access-list 101 deny icmp any any
access-list 101 deny udp any any eq 1434
access-list 101 deny tcp any any eq 1433 log-input
access-list 101 deny tcp any any eq 2025 log-input
access-list 101 deny tcp any any eq 2556
access-list 101 deny tcp any any eq 2745
access-list 101 deny udp any any eq 445
access-list 101 deny tcp any any eq 445
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq 135
access-list 101 deny tcp any any eq 135
access-list 101 deny tcp any any eq 901 log-input
access-list 101 deny tcp any any range 6000 6009 log-input
access-list 101 deny udp any any eq 2049 log-input
access-list 101 deny udp any any eq sunrpc log-input
access-list 101 deny tcp any any eq sunrpc log-input
access-list 101 deny udp any any eq 4045 log-input
access-list 101 deny tcp any any eq lpd log-input
access-list 101 permit udp 123.123.123.123 0.0.0.1 any eq snmp
access-list 101 permit udp 123.123.123.123 0.0.0.1 any eq 163 log-input
access-list 101 deny udp any any eq snmp log-input
access-list 101 deny udp any any eq snmptrap log-input
access-list 101 permit gre any any log
access-list 101 permit ip any any
access-list 101 permit tcp any any established
access-list 111 remark Access-List for MB-Z
access-list 111 permit tcp any host xxx.xxx.xxx.241 range 1900 1999
access-list 121 remark Access-List for MCD-Z
access-list 121 permit tcp any host xxx.xxx.xxx.241 range 2100 2199
access-list 131 remark Access-List for LB-Z
access-list 131 permit tcp any host xxx.xxx.xxx.241 range 2000 2099
access-list 141 remark Access-List for TN-Z
access-list 141 permit tcp any host xxx.xxx.xxx.241 range 1800 1899
access-list 151 remark Access-List for BG-Z
access-list 151 permit tcp any host xxx.xxx.xxx.241 range 2200 2299
access-list 161 remark Access-List for SL_Z
access-list 161 permit tcp any host xxx.xxx.xxx.241 range 2300 2399
access-list 171 remark Access-List for FM-Z
access-list 171 permit tcp any host xxx.xxx.xxx.241 range 2400 2499
access-list 181 remark Access-List for D-Z
access-list 181 permit tcp any host xxx.xxx.xxx.241 range 2500 2599
access-list 191 remark Access-List for FMR-Z
access-list 191 permit tcp any host xxx.xxx.xxx.241 range 2600 2699
access-list 2201 remark Access-List for BP-Z
access-list 2201 permit tcp any host xxx.xxx.xxx.241 range 2700 2799
access-list 2211 remark Access-List for CB-Z
access-list 2211 permit tcp any host xxx.xxx.xxx.241 range 2800 2899
access-list 2219 remark Access-List for CB-PA
access-list 2219 permit tcp any host xxx.xxx.xxx.241 range 20000 30999
access-list 2221 remark Access-List for P-Z
access-list 2221 permit tcp any host xxx.xxx.xxx.241 range 2900 2999
access-list 2231 remark Access-List for GSPP-Z
access-list 2231 permit tcp any host xxx.xxx.xxx.241 range 4000 4099
access-list 2241 remark Access-List for TP-Z
access-list 2241 permit tcp any host xxx.xxx.xxx.241 range 4100 4199
access-list 2500 permit ip any any log
snmp-server community read RO 12
snmp-server location NOC
snmp-server contact sysadmin
snmp-server chassis-id sdrgthyjytjnn
snmp-server enable traps tty
!
control-plane
!
banner exec ^CConnected to $(hostname).$(domain) on $(line-desc) $(line).
use of this system constitutes your consent to monitoring.^C
banner motd ^CNOTICE TO USERS^C
!
line con 0
exec-timeout 30 0
login authentication AAA
line aux 0
exec-timeout 0 0
line vty 0 4
access-class 99 in
exec-timeout 30 0
login authentication AAA
transport input telnet
line vty 5 15
access-class 99 in
exec-timeout 30 0
login authentication AAA
transport input telnet
!
scheduler allocate 20000 1000
ntp logging
ntp clock-period 17179931
ntp access-group query-only 50
ntp access-group serve-only 51
ntp server 0.pool.ntp.org source GigabitEthernet0/0 prefer
!
end
2621 ROUTER CONFIG
-------------------
Building configuration...
Current configuration : 2086 bytes
!
version 12.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service pt-vty-logging
service sequence-numbers
!
hostname 2621-SR2
!
logging buffered 8192 debugging
aaa new-model
aaa authentication login AAA local line
enable :::::::::::::::::::::::::::::::
!
username :::::::::::::::::::::::::::::::::::::
clock timezone CDST -6
clock summer-time CDST date Mar 11 2012 2:00 Nov 4 2012 2:00
ip subnet-zero
!
!
!
ip cef
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.202.202.1 255.255.255.255
!
interface FastEthernet0/0
description uplink to 4506-L3-Sw1
ip address 10.201.201.6 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1
description Uplink to 2924Sw1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.200
encapsulation dot1Q 200 native
ip address 10.200.200.1 255.255.255.248
!
router eigrp 100
redistribute connected
redistribute static
network 10.200.200.0 0.0.0.7
network 10.201.201.0 0.0.0.7
network 10.202.202.1 0.0.0.0
auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.200.200.6 permanent
ip route 10.1.1.0 255.255.255.248 10.201.201.1
ip route 10.33.33.0 255.255.255.0 10.200.200.6
ip route 10.113.113.0 255.255.255.0 10.200.200.6
ip route 10.120.111.0 255.255.255.0 10.201.201.1
ip route 10.120.120.0 255.255.255.0 10.200.200.6
ip route 10.120.121.0 255.255.255.0 10.201.201.1
ip route 10.120.131.0 255.255.255.0 10.201.201.1
ip http server
!
logging history debugging
logging facility local5
access-list 15 permit any log
access-list 100 permit ip any any log
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
access-class 99 in
exec-timeout 15 0
login authentication AAA
line vty 5 15
access-class 99 in
exec-timeout 15 0
login authentication AAA
!
end
Thanks for any and all help!