I recently got almost brand new Cisco 2911 router and Cisco 2960 switch for free from school. I've been configuring both a little bit in school so I can handle the basic stuff. I currently live in an older apartment where a coaxial cable comes into ISP's provided router. The router also happens to be a Cisco device (Cisco EPC3825). This router is wireless with four ethernet ports. Now, 2911 does not have a coaxial input so I have to put ISP's router before Cisco 2911 in my setup. This setup will be a temporary one and I am just testing how things work out. I am moving sooner to a newer apartment where there will be ethernet ports in the walls so I can move my ISP's router behind 2911.

I know my public IP address and ISP's provided gateway and DNS-servers. Currently ISP's router's LAN IP is 192.168.1.1. I connected from first ethernet port of the ISP's router into 2911's GigabitEthernet0/0 port. I gave an IP address of 192.168.1.2 to the 2911's 0/0 port. From GigabitEthernet0/1 goes ethernet cable into my 2960 switch and from there on it goes to my desktop machine and server machine. In the future I connect the ISP's router into the 2960. Currently I haven't made any changes into ISP's router's settings. They are pretty much factory defaults.

The network I have given to my LAN devices behind 2911 is 172.17.1.0/24. The 2911's 0/1 port has IP address of 172.17.1.1. The 2960 switch has IP address of 172.17.1.2. I installed a DHCP server on the 2911 router and when I connect my laptop into the switch it gives me an IP address from 172.17.1.10-172.17.1.250 area. Now I can ping from laptop the 2960 switch, 2911 router's both ports and the ISP's router. But then I cannot ping google's public DNS (8.8.8.8) nor ISP's provided gateway for example. I have desktop computer plugged straight into ISP's router, and internet works very well from there. Also if I connect my laptop via wireless into the ISP's router, internet works very well. But from either setup (desktop into ISP router or laptop via wireless into ISP router) I can only ping Cisco 2911's 0/0 port but not behind that. From the 2911 itself I cannot ping to either laptop nor desktop machine even when they have their firewalls off.

Here is the config of the 2911 router:

Current configuration : 1528 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 172.17.1.1 172.17.1.10
!
ip dhcp pool LAN_POOL
 network 172.17.1.0 255.255.255.0
 default-router 172.17.1.1
 dns-server 8.8.8.8 8.8.4.4
 lease 7
!
!
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
!
!
!
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address 192.168.1.2 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 172.17.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 23 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
!
!
!
access-list 23 permit 172.17.1.0 0.0.0.25
!
control-plane
!
!
!
line con 0
 password 7 091D1C5A4A11141E
 login
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password 7 0257560858120C2D
 login
 transport input none
!
scheduler allocate 20000 1000
!
end

As you can see from the configs I have tried to add static routing and playing with the NAT, neither one giving any results. What I am trying to achieve here is to connect to internet behind 2911 router, and to connect from internet to my server machine behind 2911 router. The solution may be simple but I just can't see it.