Advertisement

07.23.2008 at 05:48AM PDT, ID: 23588206
[x]
Attachment Details

Cisco 1811W keep failing after 1 to 2 hours

Asked by LnxOne in Cisco PIX Firewall, Network Routers, Virtual Private Networking (VPN)

Tags: Cisco, Cisco Router/Firewall/VPN, 1811W

Help!

I just configured Cisco router 1811W for my office to connect to an ISP.  Things are working pretty good until 2 hours later the connection from my Cisco 1811W router to the ISP CSU/DSU keep dropping. It keeps doing this for over a week and it's driving crazy!!!

Here is my current configure file:

FE0: ip address 146.xxx.xxx.178  ==>> ISP CSU/DSU Interface:  146.xxx.xxx.177
Internal gateway BVI1: 192.168.xxx.65

Here are my Nating table:
ip nat inside source static 192.168.xxx.65 146.xxx.xxx.178
ip nat inside source static 192.168.xxx.67 146.xxx.xxx.179
ip nat inside source static tcp 192.168.xxx.67 80 interface FA0 80
ip nat inside source static tcp 192.168.xxx.67 110 interface FA0 110

Here is my ip routes:
ip route 0.0.0.0 0.0.0.0 146.xxx.xxx.177
router rip
 version 2
 passive-interface FastEthernet0
 passive-interface BVI1
 network 146.xxx.0.0
 network 192.168.xxx.0
 no auto-summary

...

Below text is my show run command:

!This is the show startup-config output of the router: show startup-config
!----------------------------------------------------------------------------

Using 8057 out of 196600 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C1811W
!
boot-start-marker
boot-end-marker
!
logging buffered 5xxx0 debugging
enable secret 5 xxxxxxxxxxxxxxxxxxxx
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
!
aaa session-id common
!
resource policy
!
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 xxx3 2:00 Oct 26 xxx3 2:00
!
!
ip cef
ip dhcp excluded-address 192.168.2.0 192.168.2.254
ip dhcp excluded-address 192.168.xxx.65 192.168.xxx.80
!
!
ip domain name localdomain.local
ip name-server 192.168.xxx.70
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip inspect name SDM_LOW esmtp
!
appfw policy-name SDM_LOW
  application http
!
password encryption aes
!
crypto pki trustpoint TP-self-signed-4072465080
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4072465080
 revocation-check none
 rsakeypair TP-self-signed-4072465080
!
!
crypto pki certificate chain TP-self-signed-4072465080
 certificate self-signed 01 nvram:IOS-Self-Sig#3005.cer
!
!
class-map match-any sdm_p2p_kazaa
 match protocol fasttrack
 match protocol kazaa2
class-map match-any sdm_p2p_edonkey
 match protocol edonkey
class-map match-any sdm_p2p_gnutella
 match protocol gnutella
class-map match-any sdm_p2p_bittorrent
 match protocol bittorrent
!
!
policy-map sdmappfwp2p_SDM_MEDIUM
 class sdm_p2p_gnutella
 class sdm_p2p_bittorrent
 class sdm_p2p_edonkey
 class sdm_p2p_kazaa
!
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 2
 encr 3des
 hash md5
 authentication pre-share
 group 2
!
crypto isakmp client configuration group RVPN-SN20
 key xxxxxxxxxxxxxxxx
 dns 192.168.xxx.70
 wins 192.168.xxx.70
 domain localdomain
 pool VPN-PL20
 max-users 50
 netmask 255.255.255.192
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto ipsec profile RVPN-SN20
 set transform-set ESP-3DES-SHA
!
!
crypto dynamic-map SDM_DYNMAP_2 1
 set transform-set ESP-3DES-SHA
!
!
crypto map SDM_CMAP_2 client authentication list sdm_vpn_xauth_ml_1
crypto map SDM_CMAP_2 isakmp authorization list sdm_vpn_group_ml_1
crypto map SDM_CMAP_2 client configuration address respond
crypto map SDM_CMAP_2 65535 ipsec-isakmp dynamic SDM_DYNMAP_2
!
bridge irb
!
!
!
interface FastEthernet0
 description $ETH-LAN$$FW_OUTSIDE$
 ip address 146.xxx.xxx.178 255.255.255.248
 ip access-group 101 in
 ip verify unicast reverse-path
 ip nat outside
 ip inspect SDM_LOW out
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet1
 no ip address
 ip nat outside
 ip virtual-reassembly
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2
 description VLAN1
!
interface FastEthernet3
 description VLAN1
!
interface FastEthernet4
 description VLAN1
!
interface FastEthernet5
 description VLAN1
!
interface FastEthernet6
 description VLAN1
!
interface FastEthernet7
 description VLAN1
!
interface FastEthernet8
 description VLAN1
!
interface FastEthernet9
 description VLAN1
!
interface Dot11Radio0
 description VL1- VLAN1
 no ip address
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid MY-WLAN
    vlan 1
    authentication open
    authentication key-management wpa
    wpa-psk ascii 0 xxxxxxxxxxxxxxxx
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 basic-24.0 36.0 48.0 54.0
 rts threshold 2312
 power local cck 20
 power local ofdm 17
 channel 2462
 station-role root
!
interface Dot11Radio0.1
 description VL1- VLAN1
 encapsulation dot1Q 1 native
 no snmp trap link-status
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 ip virtual-reassembly
 shutdown
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 description BVI1$ETH-SW-LAUNCH$$INTF-INFO-FE 2$
 no ip address
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface Async1
 no ip address
 ip virtual-reassembly
 encapsulation slip
!
interface BVI1
 description VL1- VLAN1$FW_INSIDE$
 ip address 192.168.xxx.65 255.255.255.192
 ip access-group 100 in
 no ip redirects
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1300
 crypto map SDM_CMAP_2
!
router rip
 version 2
 passive-interface FastEthernet0
 passive-interface BVI1
 network 146.xxx.0.0
 network 192.168.xxx.0
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 146.xxx.xxx.177
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat Stateful id 1
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0 overload
ip nat inside source static tcp 192.168.xxx.67 110 interface FastEthernet0 110
ip nat inside source static tcp 192.168.xxx.67 80 interface FastEthernet0 80
ip nat inside source static 192.168.xxx.65 146.xxx.xxx.178
ip nat inside source static 192.168.xxx.67 146.xxx.xxx.179
!
ip access-list extended RMC_Out
 remark SDM_ACL Category=2
 deny   ip host 192.168.xxx.67 any
 deny   ip host 192.168.xxx.65 any
 permit ip any any
!
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ahp any host 192.168.xxx.65
access-list 100 permit esp any host 192.168.xxx.65
access-list 100 permit udp any host 192.168.xxx.65 eq isakmp
access-list 100 permit udp any host 192.168.xxx.65 eq non500-isakmp
access-list 100 deny   ip 146.xxx.xxx.176 0.0.0.7 any
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp any host 146.xxx.xxx.179
access-list 101 permit tcp any host 146.xxx.xxx.179
access-list 101 permit udp any host 146.xxx.xxx.178
access-list 101 permit tcp any host 146.xxx.xxx.178
access-list 101 permit tcp any host 146.xxx.xxx.178 eq www
access-list 101 permit tcp any host 146.xxx.xxx.178 eq pop3
access-list 101 deny   ip 192.168.xxx.64 0.0.0.63 any
access-list 101 permit icmp any host 146.xxx.xxx.178 echo-reply
access-list 101 permit icmp any host 146.xxx.xxx.178 time-exceeded
access-list 101 permit icmp any host 146.xxx.xxx.178 unreachable
access-list 101 permit udp any any eq rip
access-list 101 permit ip any host 224.0.0.9
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 deny   ip host 255.255.255.255 any
access-list 101 deny   ip host 0.0.0.0 any
access-list 101 deny   ip any any log
!
!
!
route-map SDM_RMAP_1 permit 1
 match ip address RMC_Out
!
!
!
!
control-plane
!
bridge 1 route ip
!
line con 0
line 1
 modem InOut
 stopbits 1
 speed 115xxx
 flowcontrol hardware
line aux 0
line vty 0 4
 transport input ssh
!
!
webvpn context Default_context
 ssl authenticate verify all
 !
 no inservice
!
end

Start Free Trial
[+][-]07.23.2008 at 10:23AM PDT, ID: 22071602

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.23.2008 at 10:40AM PDT, ID: 22071808

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.23.2008 at 11:13AM PDT, ID: 22072152

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]07.23.2008 at 11:14AM PDT, ID: 22072163

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.23.2008 at 11:29AM PDT, ID: 22072331

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.23.2008 at 11:44AM PDT, ID: 22072494

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]07.24.2008 at 05:24AM PDT, ID: 22078267

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]07.24.2008 at 05:38AM PDT, ID: 22078376

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.24.2008 at 06:02AM PDT, ID: 22078605

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]07.31.2008 at 11:04AM PDT, ID: 22132017

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]07.31.2008 at 11:19AM PDT, ID: 22132154

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]07.31.2008 at 12:06PM PDT, ID: 22132570

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.05.2008 at 06:01AM PDT, ID: 22160419

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.05.2008 at 06:25AM PDT, ID: 22160617

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08.05.2008 at 09:32AM PDT, ID: 22162598

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.05.2008 at 10:47AM PDT, ID: 22163279

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.05.2008 at 05:25PM PDT, ID: 22166276

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08.06.2008 at 06:33AM PDT, ID: 22169977

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.06.2008 at 06:56AM PDT, ID: 22170207

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08.06.2008 at 07:35AM PDT, ID: 22170676

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.07.2008 at 10:43AM PDT, ID: 22183382

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.08.2008 at 01:15PM PDT, ID: 22193294

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.08.2008 at 01:31PM PDT, ID: 22193410

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08.11.2008 at 06:43AM PDT, ID: 22204242

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.11.2008 at 06:45AM PDT, ID: 22204265

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08.11.2008 at 06:46AM PDT, ID: 22204277

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.11.2008 at 06:49AM PDT, ID: 22204294

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.12.2008 at 07:04AM PDT, ID: 22213174

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08.12.2008 at 08:13AM PDT, ID: 22213945

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Cisco PIX Firewall, Network Routers, Virtual Private Networking (VPN)
Tags: Cisco, Cisco Router/Firewall/VPN, 1811W
Sign Up Now!
Solution Provided By: JFrederick29
Participating Experts: 2
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628