Cisco ACL & NAT

Discussion in 'Networking (Hardware & Software)' started by itsbaxagain, 2009/04/27.

  1. 2009/04/27
    itsbaxagain

    itsbaxagain Inactive Thread Starter

    http://img524.imageshack.us/img524/3240/netm.png
    ^Here is the Topology^

    RIPv2 is on all routers. I just want to know which router gets the ACLs.
    I have most of the commands down; I just need to know where to put them.

    Configuring Access Control List:

    -To allow telnet to R1 & R3 from R2 only

    access-list 101 permit tcp ip? eq telnet
    access-list 101 permit tcp ip? eq telnet
    Whose IP would I use?^

    -Do not allow HTTP, Telnet, and FTP traffic from the Internet (there is an Internet cloud off of R2) to PC1
    access-list 102 deny tcp any eq 80 host 10.0.0.10
    access-list 102 deny tcp any eq 23 host 10.0.0.10
    access-list 102 deny tcp any eq 21 host 10.0.0.10
    access-list 102 deny tcp any eq 20 host 10.0.0.10
    What router do I put those on?^ This is an extended ACL

    -Do not allow PC1 to receive traffic from the 10.0.0.128/25 network
    access-list 102 deny tcp 10.0.0.1 0.0.0.127 host 10.0.0.10
    Which router would I put this on?

    **After these ACLs PC3 should not ping PC1 but can still ping the default gateway of PC1, 10.0.0.1

    Configuring NAT:

    -Allow PC3 to ping PC1
    Where am I configuring NAT?
     
    Last edited: 2009/04/27
  2. 2009/04/28
    itsbaxagain

    itsbaxagain Inactive Thread Starter

    Alright I have got all the ACL stuff done. Here is what I got for the ACLs

    Step 1: Allow telnet login to R1 & R3 from only R3
    R1
    access-list 101 permit tcp 172.16.0.2 0.0.0.3 172.16.0.1 0.0.0.3 eq telnet
    access-list 101 deny tcp any any eq telnet
    access-list 101 permit ip any any
    *Then I have to apply it to the interfaces:
    interface s0/0/0
    ip access-group 101 in
    exit
    interface s0/0/1
    ip access-group 101 in
    R3:
    access-list 101 permit tcp 172.16.0.5 0.0.0.3 172.16.0.6 0.0.0.3 eq telnet
    access-list 101 deny tcp any any eq telnet
    access-list 101 permit ip any any
    *Then I have to apply it to the interfaces:
    interface s0/0/1
    ip access-group 101 in
    exit
    interface s0/0/0
    ip access-group 101 in
    exit
    Step 2: Do not allow HTTP, Telnet, and FTP traffic from the Internet to PC1
    R1:
    access-list 102 deny tcp any eq 80 host 10.0.0.10
    access-list 102 deny tcp any eq 23 host 10.0.0.10
    access-list 102 deny tcp any eq 21 host 10.0.0.10
    access-list 102 deny tcp any eq 20 host 10.0.0.10
    access-list 102 permit ip any any
    *Then I have to apply the ACL to the interface
    interface fa0/1
    ip access-group 102 out
    exit
    Step 3: Do not allow PC1 to receive traffic from the 10.0.0.128/25 network
    R3
    access-list 102 deny ip 10.0.0.128 0.0.0.127 host 10.0.0.10
    access-list 102 permit ip any any
    *Applying it
    interface fa0/1
    ip access-group 102 in
    Now PC3 should not ping PC1 but can ping its default gateway 10.0.0.1

    Then with NAT overload I should be able to ping both networks the PCs are on.

    I just cannot get the NAT overload to work...

    Here is the network diagram with all the IP addresses:
    http://img411.imageshack.us/img411/5060/net.png
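
    Added example, not part of the original post: a small Python model of how an extended ACL is evaluated (first matching line wins, wildcard bits are "don't care", implicit deny at the end), run against the R1 lists exactly as posted above. It shows that an `eq` written after the source address matches the source port, and how far a 0.0.0.3 wildcard reaches; the function names and the test addresses (198.51.100.7 and so on) are assumptions made for the illustration.

```python
import ipaddress

PORTS = {"ftp-data": 20, "ftp": 21, "telnet": 23, "www": 80}  # IOS port keywords

ACL_101_R1 = [  # lines copied from the post above (R1)
    "access-list 101 permit tcp 172.16.0.2 0.0.0.3 172.16.0.1 0.0.0.3 eq telnet",
    "access-list 101 deny tcp any any eq telnet",
    "access-list 101 permit ip any any",
]
ACL_102_R1 = [
    "access-list 102 deny tcp any eq 80 host 10.0.0.10",
    "access-list 102 deny tcp any eq 23 host 10.0.0.10",
    "access-list 102 deny tcp any eq 21 host 10.0.0.10",
    "access-list 102 deny tcp any eq 20 host 10.0.0.10",
    "access-list 102 permit ip any any",
]

def _addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tok.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tok.pop(0)))

def _port(tok):
    """Consume an optional 'eq PORT'; it binds to the address just before it."""
    if tok[:1] != ["eq"]:
        return None
    name = tok[1]
    del tok[:2]
    return PORTS.get(name) or int(name)

def _match(ip, spec):
    base, wild = spec  # wildcard bits set to 1 are "don't care"
    return (int(ipaddress.IPv4Address(ip)) | wild) == (base | wild)

def evaluate(acl, proto, src, sport, dst, dport):
    """Return the action of the first matching line, or the implicit deny."""
    for line in acl:
        tok = line.split()[2:]  # drop 'access-list N'
        action, rproto = tok.pop(0), tok.pop(0)
        rsrc, rsport = _addr(tok), _port(tok)
        rdst, rdport = _addr(tok), _port(tok)
        if (rproto in ("ip", proto) and _match(src, rsrc) and _match(dst, rdst)
                and rsport in (None, sport) and rdport in (None, dport)):
            return action
    return "deny"
```

    Calling `evaluate(ACL_102_R1, "tcp", "198.51.100.7", 40000, "10.0.0.10", 80)` returns `permit`, because the four deny lines test the source port; the same call with source port 80 and destination port 40000 returns `deny`.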
     

  4. 2009/04/28
    itsbaxagain

    itsbaxagain Inactive Thread Starter

    Well I figured it out LOL
    For the NAT overload on R3:
    ip nat pool ping 10.0.0.129 10.0.0.254 netmask 255.255.255.128
    access-list 110 permit icmp any any
    ip nat inside source list 110 pool ping overload
    int fa0/1
    ip access-group 110 in
    *
    interface fa0/1
    ip nat inside
    exit
    interface s0/0/0
    ip nat outside
    exit
    interface s0/0/1
    ip nat outside
    exit
     
  5. 2009/05/27
    fish

    fish Inactive

    hi there

    can you please show me the full solution for this question? :eek:
     
  6. 2009/05/28
    itsbaxagain

    itsbaxagain Inactive Thread Starter

    What would you like to know about the problem?
     
