T1 Bandwidth Congestion (Cisco 2811)

We have a new Cisco 2811 router with a T1 WIC. The new router includes the SDM (web) interface. Even before we purchased the router, we knew we were experiencing a bandwidth problem (slow response times on internet, slow downloads, etc.) Now, with the SDM interface, we can view the available bandwidth on the T1. But it seems that 100% of our T1 bandwidth is being used alot of the time -- and the traffic is mostly incoming. If not at %100, then it is usually above 65-70.The internet is very slow for our users and we cannot find the source. This is small-to-medium sized school district with a schedule that would make it difficult for many users to be on the internet at one time downloading files, etc.

We even temporarily setup an Ipcop linux router and, with DHCP, caused IP traffic to go through the Ipcop router. Ipcop has nice network graphs that show the incoming/outgoing load. I also used the "iptraf" utility on the Ipcop box to monitor workstation IP traffic. Even using both, we cannot find a workstation or group of workstations that are causing the problem. In fact, the traffic going through the Ipcop was under 100kb/sec total.

A few months ago we borrowed a very nice Fluke appliance to test our network for problems. Nothing major was found and response times across the LAN (through the core switch connected to the router) are great.

Any suggestions on what might be causing the bandwidth congestion?