Solved

Cisco 837 problems

Posted on 2008-10-02
7
216 Views
Last Modified: 2010-04-12
Hi,
I'm just wondering if anyone experiences the same problems
MY ISP internet connection goes down quite alot, but it seems when it goes down the router (CISCO 837)won't re-establish its internet connection, it needs a reboot. Although for all I know it might not be a problem with my ISP, could it be a bug in the router? I'll post my config
Building configuration...
 

Current configuration : 7852 bytes

!

! Last configuration change at 09:38:49 London Thu Oct 2 2008

!

version 12.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname RTR01

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$a9Yz$JBVD6g0DCj8UXDqhLBpWZ/

enable password 

!

username support privilege 15 password 0 password

clock timezone London 0

clock summer-time London date Mar 30 2003 1:00 Oct 26 2003 2:00

no aaa new-model

ip subnet-zero

ip dhcp excluded-address 192.168.251.1 192.168.251.99

ip dhcp excluded-address 192.168.251.151 192.168.251.254

!

ip dhcp pool 

   import all

   network 192.168.251.0 255.255.255.0

   dns-server 62.24.128.17 62.24.128.18 

   default-router 192.168.251.1 

!

!

ip name-server 62.24.128.18

ip name-server 62.24.128.17

ip inspect name SDM_LOW cuseeme

ip inspect name SDM_LOW ftp

ip inspect name SDM_LOW h323

ip inspect name SDM_LOW icmp

ip inspect name SDM_LOW netshow

ip inspect name SDM_LOW rcmd

ip inspect name SDM_LOW realaudio

ip inspect name SDM_LOW rtsp

ip inspect name SDM_LOW sqlnet

ip inspect name SDM_LOW streamworks

ip inspect name SDM_LOW tftp

ip inspect name SDM_LOW tcp

ip inspect name SDM_LOW udp

ip inspect name SDM_LOW vdolive

ip inspect name sdm_ins_in_100 cuseeme

ip inspect name sdm_ins_in_100 ftp

ip inspect name sdm_ins_in_100 h323

ip inspect name sdm_ins_in_100 icmp

ip inspect name sdm_ins_in_100 netshow

ip inspect name sdm_ins_in_100 rcmd

ip inspect name sdm_ins_in_100 realaudio

ip inspect name sdm_ins_in_100 rtsp

ip inspect name sdm_ins_in_100 sqlnet

ip inspect name sdm_ins_in_100 streamworks

ip inspect name sdm_ins_in_100 tftp

ip inspect name sdm_ins_in_100 tcp

ip inspect name sdm_ins_in_100 udp

ip inspect name sdm_ins_in_100 vdolive

ip audit notify log

ip audit po max-events 100

no ftp-server write-enable

no scripting tcl init

no scripting tcl encdir

!

!

! 

!

crypto isakmp policy 1

 encr 3des

 authentication pre-share

 group 2

crypto isakmp key password address 90.152.x.x

!

!

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 

!

crypto map SDM_CMAP_1 1 ipsec-isakmp 

 description Tunnel to90.152.x.x

 set peer 90.152.x.x

 set transform-set ESP-3DES-SHA 

 match address 102

!

!

!

!

interface Ethernet0

 description $FW_INSIDE$

 ip address 192.168.251.1 255.255.255.0

 ip access-group 100 in

 ip nat inside

 hold-queue 100 out

!

interface ATM0

 no ip address

 no atm ilmi-keepalive

 dsl operating-mode auto

!

interface ATM0.1 point-to-point

 pvc 0/38 

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

 !

!

interface FastEthernet1

 no ip address

 duplex auto

 speed auto

!

interface FastEthernet2

 no ip address

 duplex auto

 speed auto

!

interface FastEthernet3

 no ip address

 duplex auto

 speed auto

!

interface FastEthernet4

 no ip address

 duplex auto

 speed auto

!

interface Dialer0

 description $FW_OUTSIDE$

 ip address 62.24.x.x 255.255.255.252

 ip access-group 101 in

 ip nat outside

 ip inspect sdm_ins_in_100 in

 ip inspect SDM_LOW out

 encapsulation ppp

 dialer pool 1

 dialer-group 1

 ppp authentication chap pap callin

 ppp chap hostname ISPLOGIN

 ppp chap password 0 ISPLOGIN

 ppp pap sent-username ISPLOGIN password 0 ISPLOGIN

 crypto map SDM_CMAP_1

!

ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload

ip nat inside source static udp 192.168.251.90 445 interface Dialer0 445

ip nat inside source static tcp 192.168.251.90 445 interface Dialer0 445

ip nat inside source static tcp 192.168.251.90 139 interface Dialer0 139

ip nat inside source static udp 192.168.251.90 135 interface Dialer0 135

ip nat inside source static tcp 192.168.251.90 3389 interface Dialer0 3389

ip nat inside source static tcp 192.168.251.90 80 interface Dialer0 80

ip nat inside source static udp 192.168.251.90 136 interface Dialer0 136

ip nat inside source static udp 192.168.251.90 137 interface Dialer0 137

ip nat inside source static udp 192.168.251.90 138 interface Dialer0 138

ip nat inside source static udp 192.168.251.90 139 interface Dialer0 139

ip nat inside source static tcp 192.168.251.90 135 interface Dialer0 135

ip nat inside source static tcp 192.168.251.90 136 interface Dialer0 136

ip nat inside source static tcp 192.168.251.90 137 interface Dialer0 137

ip nat inside source static tcp 192.168.251.90 138 interface Dialer0 138

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

ip http server

ip http authentication local

ip http secure-server

!

!

access-list 1 remark INSIDE_IF=Ethernet0

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.168.251.0 0.0.0.255

access-list 100 remark auto generated by SDM firewall configuration

access-list 100 remark SDM_ACL Category=1

access-list 100 deny   ip 62.24.236.180 0.0.0.3 any

access-list 100 deny   ip host 255.255.255.255 any

access-list 100 deny   ip 127.0.0.0 0.255.255.255 any

access-list 100 permit ip any any

access-list 101 remark auto generated by SDM firewall configuration

access-list 101 remark SDM_ACL Category=1

access-list 101 remark Auto generated by SDM for NTP (123) 192.168.0.254

access-list 101 permit udp host 192.168.0.254 eq ntp host 62.24.x.x eq ntp

access-list 101 remark IPSec Rule

access-list 101 permit ip 192.168.0.0 0.0.0.255 192.168.251.0 0.0.0.255

access-list 101 permit udp host 90.152.x.x host 62.24.x.x eq non500-isakmp

access-list 101 permit udp host 90.152.x.x host 62.24.x.x eq isakmp

access-list 101 permit esp host 90.152.x.x host 62.24.x.x

access-list 101 permit ahp host 90.152.x.x host 62.24.x.x

access-list 101 permit tcp any host 62.24.x.x eq 135

access-list 101 permit tcp any host 62.24.x.x eq 136

access-list 101 permit tcp any host 62.24.x.x eq 137

access-list 101 permit tcp any host 62.24.x.x eq 138

access-list 101 permit tcp any host 62.24.x.x eq 139

access-list 101 permit tcp any host 62.24.x.x eq 445

access-list 101 permit udp any host 62.24.x.x eq 135

access-list 101 permit udp any host 62.24.x.x eq 136

access-list 101 permit udp any host 62.24.x.x eq netbios-ns

access-list 101 permit udp any host 62.24.x.x eq netbios-dgm

access-list 101 permit udp any host 62.24.x.x eq netbios-ss

access-list 101 permit udp any host 62.24.x.x eq 445

access-list 101 permit tcp any host 62.24.x.x eq 3389

access-list 101 permit tcp any host 62.24.x.x eq www

access-list 101 deny   ip 192.168.251.0 0.0.0.255 any

access-list 101 permit icmp any host 62.24.x.x

access-list 101 permit icmp any host 62.24.x.x echo-reply

access-list 101 permit icmp any host 62.24.x.x time-exceeded

access-list 101 permit icmp any host 62.24.x.x unreachable

access-list 101 deny   ip 10.0.0.0 0.255.255.255 any

access-list 101 deny   ip 172.16.0.0 0.15.255.255 any

access-list 101 deny   ip 192.168.0.0 0.0.255.255 any

access-list 101 deny   ip 127.0.0.0 0.255.255.255 any

access-list 101 deny   ip host 255.255.255.255 any

access-list 101 deny   ip host 0.0.0.0 any

access-list 101 deny   ip any any log

access-list 102 remark SDM_ACL Category=4

access-list 102 remark IPSec Rule

access-list 102 permit ip 192.168.251.0 0.0.0.255 192.168.0.0 0.0.0.255

access-list 103 remark SDM_ACL Category=2

access-list 103 remark IPSec Rule

access-list 103 deny   ip 192.168.251.0 0.0.0.255 192.168.0.0 0.0.0.255

access-list 103 permit ip 192.168.251.0 0.0.0.255 any

dialer-list 1 protocol ip permit

route-map SDM_RMAP_1 permit 1

 match ip address 103

!

!

control-plane

!

!

line con 0

 no modem enable

 transport preferred all

 transport output all

line aux 0

 transport preferred all

 transport output all

line vty 0 4

 privilege level 15

 password password

 login local

 transport preferred all

 transport input telnet ssh

 transport output all

!

scheduler max-task-time 5000

sntp server 192.168.0.254

!

end

Open in new window

0
Comment
Question by:Dan560
7 Comments
 
LVL 13

Expert Comment

by:Quori
ID: 22622257
When it happens, run a debug ppp authentication and see what happens.

I'd guess that it isn't logging in as a reconnection would be treated as a callout.
0
 
LVL 2

Author Comment

by:Dan560
ID: 22622290
I only administer it remotley, which is a bit of  a problem when know one thats down on that site knows how to configure it
0
 
LVL 4

Accepted Solution

by:
damalano earned 500 total points
ID: 22622658
I'm never sure about a ATM0.1 I always configure ATM directly. I have seen the same problem and i fixed it by writing the config myself and not throuh web interface.

in your case:
interface ATM0
no ip address
 no ip directed-broadcast
 load-interval 30
 no atm ilmi-keepalive
 pvc 0/38
 encapsulation aal5mux ppp dialer
 dialer pool-member 1
 dsl operating-mode auto
 no shutdown

make a backup of the running config and try this.
Good luck
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 10

Expert Comment

by:ampranti
ID: 22624599
Try an IOS upgrade. This problem shouldnt appear...
0
 
LVL 2

Author Comment

by:Dan560
ID: 22624632
I dont have a support contract with cisco
0
 
LVL 10

Expert Comment

by:ampranti
ID: 22624659
Contact me for details
0
 
LVL 2

Author Comment

by:Dan560
ID: 22624683
okie dokie
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now