Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco 1605 router freezing

Reply
Thread Tools

Cisco 1605 router freezing

 
 
John Nordien
Guest
Posts: n/a
 
      12-16-2004
I have a Cisco 1605R router as my gateway to the internet. Recently the
router has become unreliable and prone to hanging in the middle of the
night. It has also done this during the day. When the router hangs there
is no response from any port. Even the console port is unresponsive. The
only recourse is to power cycle the router. My config is below. I don't
see what could be causing the failures. The only thing I can point my
finger at is the NAT entries for TCP 80 & 8081 fwd to an internal
webserver. I have a syslog server & am trying to capture debug information
but there is nothing.
Any ideas out there?

************************************************** *******
Router#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 1600 Software (C1600-NOSY-M), Version 12.2(2)T, RELEASE SOFTWARE
(fc1)

TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Sat 02-Jun-01 17:08 by ccai
Compiled Sat 02-Jun-01 17:08 by ccai

ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
ROM: 1600 Software (C1600-RBOOT-R), Version 12.0(3)T, RELEASE SOFTWARE
(fc1)

Router uptime is 11 hours, 20 minutes
System returned to ROM by power-on
System restarted at 06:03:57 CST Thu Dec 16 2004
System image file is "flash:c1600-nosy-mz.122-2.T.bin"

cisco 1605 (68360) processor (revision C) with 18432K/6144K bytes of memory.
Processor board ID 21576827, with hardware revision 00000003
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
1 Serial(sync/async) network interface(s)
System/IO memory with parity disabled
8192K bytes of DRAM onboard 16384K bytes of DRAM on SIMM
System running from RAM
7K bytes of non-volatile configuration memory.
16384K bytes of processor board PCMCIA flash (Read/Write)

Configuration register is 0x2102

************************************************** *******
Router#sh run
Building configuration...

Current configuration : 4803 bytes
!
version 12.2
no parser cache
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname <Router>
!
boot system flash:
logging buffered 4096 notifications
logging rate-limit console 10 except errors
enable password <removed>
!
username <removed> password <removed>
clock timezone CST -6
ip subnet-zero
no ip domain-lookup
!
ip inspect max-incomplete high 1100
ip inspect one-minute high 1100
ip inspect name Ethernet_0 tcp
ip inspect name Ethernet_0 udp
ip inspect name Ethernet_0 cuseeme
ip inspect name Ethernet_0 ftp
ip inspect name Ethernet_0 h323
ip inspect name Ethernet_0 rcmd
ip inspect name Ethernet_0 realaudio
ip inspect name Ethernet_0 smtp
ip inspect name Ethernet_0 streamworks
ip inspect name Ethernet_0 vdolive
ip inspect name Ethernet_0 sqlnet
ip inspect name Ethernet_0 tftp
no ip dhcp-client network-discovery
async-bootp dns-server 10.0.0.6
async-bootp nbns-server 10.0.0.6
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
vpdn-group VPN-PPTP
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 2
!
!
!
!
interface Ethernet0
description Internal LAN
ip address 10.0.0.1 255.0.0.0
ip nat inside
no ip route-cache
no ip mroute-cache
no cdp enable
!
interface Ethernet1
description connected to Internet
no ip address
no ip route-cache
no ip mroute-cache
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Virtual-Template2
description VPN client interface. NOT USED
ip unnumbered Ethernet0
peer default ip address pool VPNclients
ppp authentication ms-chap
!
interface Serial0
no ip address
shutdown
no cdp enable
!
interface Dialer1
description Connected to Internet
ip address negotiated
ip access-group 101 in
ip nat outside
ip inspect Ethernet_0 out
encapsulation ppp
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username <removed> password <removed>
ip local pool VPNclients 10.250.0.1 10.250.0.99
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 10.0.0.9 8081 <removed> 80 extendable
ip nat inside source static tcp 10.0.0.14 20 <removed> 20 extendable
ip nat inside source static tcp 10.0.0.14 21 <removed> 21 extendable
ip nat inside source static tcp 10.0.0.10 443 <removed> 443 extendable
ip nat inside source static tcp 10.0.0.10 25 <removed> 25 extendable
ip nat inside source static tcp 10.0.0.12 3389 <removed> 3389 extendable
ip nat inside source static tcp 10.0.0.9 8081 <removed> 8081 extendable
ip nat inside source static tcp 10.0.0.1 23 <removed> 23 extendable
ip nat inside source static tcp 10.0.0.32 5910 <removed> 5910 extendable
ip nat inside source static tcp 10.0.0.7 1723 <removed> 1723 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.0.0 255.255.0.0 10.0.0.6
no ip http server
!
logging trap debugging
logging 10.0.0.5
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 101 remark ACL inbound from Internet
access-list 101 permit icmp any any unreachable
access-list 101 permit icmp any any packet-too-big
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any traceroute
access-list 101 permit tcp any any eq ftp-data
access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq telnet
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq 443
access-list 101 permit tcp any any eq 1723
access-list 101 permit tcp any any eq 3389
access-list 101 permit tcp any any eq 5910
access-list 101 permit tcp any any eq 8081
access-list 101 permit gre any any
access-list 101 permit udp any any eq ntp
access-list 101 deny tcp any any eq 135
access-list 101 deny tcp any any eq 137
access-list 101 deny tcp any any eq 138
access-list 101 deny tcp any any eq 139
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 464
access-list 101 deny tcp any any eq 1434
access-list 101 deny tcp any any eq 1512
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny udp any any eq 1434
access-list 101 deny udp any any eq 1512
access-list 101 deny ip any any log
no cdp run
!
!
banner motd ^C
********************************************
* AUTHORIZED ACCESS ONLY *
* DO NOT attempt to login. *
********************************************

^C
!
line con 0
exec-timeout 0 0
password <removed>
login
line vty 0 4
password <removed>
login
!
sntp server 10.0.0.6
end


 
Reply With Quote
 
 
 
 
cisco-forum.com
Guest
Posts: n/a
 
      12-18-2004
What was the last change made to the 1605? even if you don't think it's
related.

Other strategies, you could sniff inside and outside of the 1600 to see if
certain traffic is causing the lock up or you can minimize the config to
it's most basic to see if a command/technology is causing the issue.

Regards,
Steve
http://www.cisco-forum.com

"John Nordien" <(E-Mail Removed)> wrote in message
news:v9pwd.2835$(E-Mail Removed)...
>I have a Cisco 1605R router as my gateway to the internet. Recently the
> router has become unreliable and prone to hanging in the middle of the
> night. It has also done this during the day. When the router hangs there
> is no response from any port. Even the console port is unresponsive. The
> only recourse is to power cycle the router. My config is below. I don't
> see what could be causing the failures. The only thing I can point my
> finger at is the NAT entries for TCP 80 & 8081 fwd to an internal
> webserver. I have a syslog server & am trying to capture debug
> information
> but there is nothing.
> Any ideas out there?
>
> ************************************************** *******
> Router#sh ver
> Cisco Internetwork Operating System Software
> IOS (tm) 1600 Software (C1600-NOSY-M), Version 12.2(2)T, RELEASE SOFTWARE
> (fc1)
>
> TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support
> Copyright (c) 1986-2001 by cisco Systems, Inc.
> Compiled Sat 02-Jun-01 17:08 by ccai
> Compiled Sat 02-Jun-01 17:08 by ccai
>
> ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
> ROM: 1600 Software (C1600-RBOOT-R), Version 12.0(3)T, RELEASE SOFTWARE
> (fc1)
>
> Router uptime is 11 hours, 20 minutes
> System returned to ROM by power-on
> System restarted at 06:03:57 CST Thu Dec 16 2004
> System image file is "flash:c1600-nosy-mz.122-2.T.bin"
>
> cisco 1605 (68360) processor (revision C) with 18432K/6144K bytes of
> memory.
> Processor board ID 21576827, with hardware revision 00000003
> Bridging software.
> X.25 software, Version 3.0.0.
> 2 Ethernet/IEEE 802.3 interface(s)
> 1 Serial(sync/async) network interface(s)
> System/IO memory with parity disabled
> 8192K bytes of DRAM onboard 16384K bytes of DRAM on SIMM
> System running from RAM
> 7K bytes of non-volatile configuration memory.
> 16384K bytes of processor board PCMCIA flash (Read/Write)
>
> Configuration register is 0x2102
>
> ************************************************** *******
> Router#sh run
> Building configuration...
>
> Current configuration : 4803 bytes
> !
> version 12.2
> no parser cache
> no service single-slot-reload-enable
> no service pad
> service timestamps debug uptime
> service timestamps log uptime
> service password-encryption
> !
> hostname <Router>
> !
> boot system flash:
> logging buffered 4096 notifications
> logging rate-limit console 10 except errors
> enable password <removed>
> !
> username <removed> password <removed>
> clock timezone CST -6
> ip subnet-zero
> no ip domain-lookup
> !
> ip inspect max-incomplete high 1100
> ip inspect one-minute high 1100
> ip inspect name Ethernet_0 tcp
> ip inspect name Ethernet_0 udp
> ip inspect name Ethernet_0 cuseeme
> ip inspect name Ethernet_0 ftp
> ip inspect name Ethernet_0 h323
> ip inspect name Ethernet_0 rcmd
> ip inspect name Ethernet_0 realaudio
> ip inspect name Ethernet_0 smtp
> ip inspect name Ethernet_0 streamworks
> ip inspect name Ethernet_0 vdolive
> ip inspect name Ethernet_0 sqlnet
> ip inspect name Ethernet_0 tftp
> no ip dhcp-client network-discovery
> async-bootp dns-server 10.0.0.6
> async-bootp nbns-server 10.0.0.6
> vpdn enable
> !
> vpdn-group 1
> request-dialin
> protocol pppoe
> !
> vpdn-group VPN-PPTP
> ! Default PPTP VPDN group
> accept-dialin
> protocol pptp
> virtual-template 2
> !
> !
> !
> !
> interface Ethernet0
> description Internal LAN
> ip address 10.0.0.1 255.0.0.0
> ip nat inside
> no ip route-cache
> no ip mroute-cache
> no cdp enable
> !
> interface Ethernet1
> description connected to Internet
> no ip address
> no ip route-cache
> no ip mroute-cache
> pppoe enable
> pppoe-client dial-pool-number 1
> no cdp enable
> !
> interface Virtual-Template2
> description VPN client interface. NOT USED
> ip unnumbered Ethernet0
> peer default ip address pool VPNclients
> ppp authentication ms-chap
> !
> interface Serial0
> no ip address
> shutdown
> no cdp enable
> !
> interface Dialer1
> description Connected to Internet
> ip address negotiated
> ip access-group 101 in
> ip nat outside
> ip inspect Ethernet_0 out
> encapsulation ppp
> no ip mroute-cache
> dialer pool 1
> dialer-group 1
> no cdp enable
> ppp pap sent-username <removed> password <removed>
> ip local pool VPNclients 10.250.0.1 10.250.0.99
> ip nat inside source list 1 interface Dialer1 overload
> ip nat inside source static tcp 10.0.0.9 8081 <removed> 80 extendable
> ip nat inside source static tcp 10.0.0.14 20 <removed> 20 extendable
> ip nat inside source static tcp 10.0.0.14 21 <removed> 21 extendable
> ip nat inside source static tcp 10.0.0.10 443 <removed> 443 extendable
> ip nat inside source static tcp 10.0.0.10 25 <removed> 25 extendable
> ip nat inside source static tcp 10.0.0.12 3389 <removed> 3389 extendable
> ip nat inside source static tcp 10.0.0.9 8081 <removed> 8081 extendable
> ip nat inside source static tcp 10.0.0.1 23 <removed> 23 extendable
> ip nat inside source static tcp 10.0.0.32 5910 <removed> 5910 extendable
> ip nat inside source static tcp 10.0.0.7 1723 <removed> 1723 extendable
> ip classless
> ip route 0.0.0.0 0.0.0.0 Dialer1
> ip route 192.168.0.0 255.255.0.0 10.0.0.6
> no ip http server
> !
> logging trap debugging
> logging 10.0.0.5
> access-list 1 permit 10.0.0.0 0.255.255.255
> access-list 101 remark ACL inbound from Internet
> access-list 101 permit icmp any any unreachable
> access-list 101 permit icmp any any packet-too-big
> access-list 101 permit icmp any any time-exceeded
> access-list 101 permit icmp any any echo-reply
> access-list 101 permit icmp any any traceroute
> access-list 101 permit tcp any any eq ftp-data
> access-list 101 permit tcp any any eq ftp
> access-list 101 permit tcp any any eq smtp
> access-list 101 permit tcp any any eq telnet
> access-list 101 permit tcp any any eq www
> access-list 101 permit tcp any any eq 443
> access-list 101 permit tcp any any eq 1723
> access-list 101 permit tcp any any eq 3389
> access-list 101 permit tcp any any eq 5910
> access-list 101 permit tcp any any eq 8081
> access-list 101 permit gre any any
> access-list 101 permit udp any any eq ntp
> access-list 101 deny tcp any any eq 135
> access-list 101 deny tcp any any eq 137
> access-list 101 deny tcp any any eq 138
> access-list 101 deny tcp any any eq 139
> access-list 101 deny tcp any any eq 445
> access-list 101 deny tcp any any eq 464
> access-list 101 deny tcp any any eq 1434
> access-list 101 deny tcp any any eq 1512
> access-list 101 deny udp any any eq 135
> access-list 101 deny udp any any eq netbios-ns
> access-list 101 deny udp any any eq netbios-dgm
> access-list 101 deny udp any any eq 1434
> access-list 101 deny udp any any eq 1512
> access-list 101 deny ip any any log
> no cdp run
> !
> !
> banner motd ^C
> ********************************************
> * AUTHORIZED ACCESS ONLY *
> * DO NOT attempt to login. *
> ********************************************
>
> ^C
> !
> line con 0
> exec-timeout 0 0
> password <removed>
> login
> line vty 0 4
> password <removed>
> login
> !
> sntp server 10.0.0.6
> end
>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
configurar enlace de backup cisco 1605 R Babe meneses Cisco 1 06-22-2012 06:25 AM
Setup 1605 Router to between two Autonomous Networks Isis Cisco 0 03-06-2005 08:17 PM
1605 R behind SMC DSL router ?? mikey Cisco 16 11-10-2004 03:23 PM
Cisco 1605 - How to restore default settings? Dave Thomas Cisco 2 07-20-2003 08:02 AM
cisco 1605 to dial to a provider sample config needed rachid23 Cisco 0 07-08-2003 08:55 PM



Advertisments