Since everyone is posting configs, I'll post a set too, haha...
First wipe the Cisco factory preconfiguration. Note that it's best to wipe it right at first boot; otherwise, if you power it off and try later, you'll have to do password recovery.
How to wipe it:
On the first login the username and password are both cisco
Once you are in config mode:
> enable
# config t
Enter config-register 0x2142
end
wr
reload
On the second boot the config is empty and no password is needed,
> enable
# config t
config-register 0x2102
end
wr
Start configuring:
> enable
# config t
interface f0/1
ip address 221.212.75.1 255.255.255.252
ip nat outside
interface f0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
access-list 100 permit ip 192.168.1.100 0.0.0.3 any
access-list 100 permit ip 192.168.1.104 0.0.0.3 any
access-list 100 permit ip host 192.168.1.8 any
access-list 100 permit ip host 192.168.1.9 any
access-list 100 permit ip host 192.168.1.10 any
======== PAT==========
ip nat inside source list 100 interface f0/1 overload
ip route 0.0.0.0 0.0.0.0 221.212.75.2
Other basic configuration:
line con 0
password cisco
login
line vty 0 ?
password cisco
login
enable password cisco
enable secret cisco
============= Basic security configuration ===========
ip access-list extended reflect-ACL
permit ip 221.212.75.1 0.0.0.3 any reflect INT timeout 60
deny ip any any
ip access-list extended out-side
evaluate INT
deny ip any any
Apply them:
interface f0/1
ip access-group out-side in
ip access-group reflect-ACL out
The ACL config in the post above is a bit odd; here's my set of configs, hope it helps the OP
object-group network pc
range 192.168.1.101 192.168.1.110
ip access-list extended pc1
permit ip object-group pc any
ip nat inside source list pc1 interface F1 overload
ip route 0.0.0.0 0.0.0.0 221.212.75.2
interface F1
ip address 221.212.75.1 255.255.255.252
ip nat outside
interface F0 (internal gateway)
ip address 192.168.1.1 255.255.255.0
ip nat inside
The WAN port has a static IP, 221.212.75.1. In general you should configure NAT, a default route, the related security policies, and route optimization policies.
en
conf t
! hosts .101 to .110 as aligned wildcard blocks (an extended ACE takes one source and one destination, so a single line cannot express this range)
access-list 110 permit ip host 192.168.1.101 any
access-list 110 permit ip 192.168.1.102 0.0.0.1 any
access-list 110 permit ip 192.168.1.104 0.0.0.3 any
access-list 110 permit ip 192.168.1.108 0.0.0.1 any
access-list 110 permit ip host 192.168.1.110 any
ip nat pool NAT 221.212.75.1 221.212.75.1 netmask 255.255.255.252
ip nat inside source list 110 pool NAT overload
ip route 0.0.0.0 0.0.0.0 221.212.75.2
interface F1
ip address 221.212.75.1 255.255.255.252
ip nat outside
interface F0 (internal gateway)
ip address 192.168.1.1 255.255.255.0
ip nat inside
With this you should be able to get online; the related security and optimization policies can be configured separately.
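As an added example (not code from any post in this thread): a small Python checker for the host-range ACLs discussed above. It splits an inclusive host range into the aligned blocks that IOS wildcard masks can express (the wildcard alternative to the object-group range in the second reply) and expands a set of "address wildcard" entries to the hosts they actually match, here using ACL 100 from the first reply. The target range 192.168.1.101 to .110 is an assumption taken from the later replies.

```python
import ipaddress

def _int(addr):
    return int(ipaddress.IPv4Address(addr))

def _str(value):
    return str(ipaddress.IPv4Address(value))

def wildcard_entries(first, last):
    """Split an inclusive host range into the fewest (address, wildcard) pairs.
    Each pair is an aligned power-of-two block, which is all a wildcard mask can express."""
    start, end = _int(first), _int(last)
    entries = []
    while start <= end:
        size = 1
        # grow the block while it stays aligned and does not run past the range
        while start % (size * 2) == 0 and start + size * 2 - 1 <= end:
            size *= 2
        entries.append((_str(start), _str(size - 1)))
        start += size
    return entries

def ace_hosts(address, wildcard):
    """All hosts matched by one 'address wildcard' pair (wildcard bit 1 = don't care)."""
    base, mask = _int(address), _int(wildcard)
    free_bits = [i for i in range(32) if mask >> i & 1]
    hosts = set()
    for combo in range(1 << len(free_bits)):
        value = base & ~mask & 0xFFFFFFFF  # IOS ignores address bits under a 1 in the wildcard
        for j, bit in enumerate(free_bits):
            if combo >> j & 1:
                value |= 1 << bit
        hosts.add(_str(value))
    return hosts

def compare(entries, first, last):
    """Return (missing, extra): wanted hosts the ACL misses, and hosts it matches outside the range."""
    wanted = {_str(i) for i in range(_int(first), _int(last) + 1)}
    matched = set().union(*(ace_hosts(a, w) for a, w in entries))
    return sorted(wanted - matched, key=_int), sorted(matched - wanted, key=_int)

def render(entries, number):
    """Emit numbered extended-ACL lines usable as a NAT source list."""
    return [f"access-list {number} permit ip {'host ' + a if w == '0.0.0.0' else a + ' ' + w} any"
            for a, w in entries]

# ACL 100 exactly as posted in the first reply (sample input for the checker)
ACL_100 = [("192.168.1.100", "0.0.0.3"), ("192.168.1.104", "0.0.0.3"),
           ("192.168.1.8", "0.0.0.0"), ("192.168.1.9", "0.0.0.0"), ("192.168.1.10", "0.0.0.0")]

if __name__ == "__main__":
    missing, extra = compare(ACL_100, "192.168.1.101", "192.168.1.110")
    print("missing:", missing, "extra:", extra)
    print("\n".join(render(wildcard_entries("192.168.1.101", "192.168.1.110"), 110)))
```

Run against ACL 100 it reports .108 to .110 as unmatched and .8, .9, .10 and .100 as matched outside the assumed range, which is the kind of check worth doing before an ACL becomes a NAT source list.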