Is it a hardware issue or a config issue or something else

Discussion in 'Cisco' started by Scooty, Jun 14, 2008.

  1. Scooty

    Scooty Guest

    Hi all
    I have installed a new Cisco 871 as we have changed ISP's and have
    gone from ADSL to Fibre, the original router was an ADSL Cisco 877 and
    the new router is a Cisco 871
    Since installing the new router a couple of days ago I have had some
    strange problems
    For example I was able to VPN into my network but could not access
    webmail. Internet going out was affected and if I logged into the
    router and tried to do a show log it would just hang. Also I have an
    IPSEC setup between my home network and the office network. I was able
    to ping hosts and I was able to telnet to the office switch etc, but
    performance was pretty slow and I could not remote desktop to any
    hosts
    I am unsure if it's a sort of DoS or an actual hardware fault or
    something else all together
    I do have a Cisco 2801 I am going to put in it's place to help
    eliminate the router as the problem
    I was hoping if anyone might be able to offer some suggestions as to
    whether or not these problems seem either hardware or software related
    Attached is the show ver and a copy of the config (not any static IP's
    pertaining to the network have been x'd out)

    Cheers
    Scott


    show ver
    Cisco IOS Software, C870 Software (C870-ADVSECURITYK9-M), Version
    12.4(4)T8, RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2007 by Cisco Systems, Inc.
    Compiled Sat 11-Aug-07 03:34 by khuie

    ROM: System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARE

    Internet_Router uptime is 12 minutes
    System returned to ROM by reload at 23:37:09 WST Sat Jun 14 2008
    System restarted at 23:37:51 WST Sat Jun 14 2008
    System image file is "flash:c870-advsecurityk9-mz.124-4.T8.bin"
    Last reload reason: Reload Command



    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are
    unable
    to comply with U.S. and local laws, return this product immediately.

    A summary of U.S. laws governing Cisco cryptographic products may be
    found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

    If you require further assistance please contact us by sending email
    to
    .

    Cisco 871 (MPC8272) processor (revision 0x200) with 118784K/12288K
    bytes of memory.
    Processor board ID FHK1144270N
    MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
    5 FastEthernet interfaces
    128K bytes of non-volatile configuration memory.
    24576K bytes of processor board System flash (Intel Strataflash)

    Configuration register is 0x2102

    show run
    Building configuration...

    Current configuration : 4742 bytes
    !
    ! No configuration change since last restart
    !
    version 12.4
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    no service dhcp
    !
    hostname Internet_Router
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 10000 debugging
    enable password 7 <passwd>
    !
    no aaa new-model
    !
    resource policy
    !
    clock timezone WST 8
    clock summer-time WST recurring last Sun Oct 2:00 last Sun Mar 2:00
    ip subnet-zero
    no ip source-route
    ip cef
    !
    !
    no ip bootp server
    ip domain name somedomain.com.au
    ip name-server 203.161.127.1
    vpdn enable
    !
    !
    !
    !
    username <username> password <password>
    !
    !
    !
    !
    !
    interface Null0
    no ip unreachables
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface FastEthernet4
    ip address x.x.x.x 255.255.255.252
    ip access-group 101 in
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip policy route-map clear-df
    speed 10
    half-duplex
    !
    interface Vlan1
    ip address x.x.x.x 255.255.255.248
    ip access-group 102 in
    ip tcp adjust-mss 1452
    ip policy route-map clear-df
    hold-queue 100 out
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 <nexthop>
    !
    no ip http server
    no ip http secure-server
    !
    access-list 1 remark The local LAN.
    access-list 1 permit x.x.x.0 0.0.0.255
    access-list 2 permit x.x.x.x
    access-list 2 remark vty access list
    access-list 2 permit x.x.x.x 0.0.0.7
    access-list 2 permit x.x.x.x 0.0.0.7
    access-list 5 permit any
    access-list 101 remark Traffic allowed to router from Internet
    access-list 101 deny icmp any any log
    access-list 101 permit tcp any any established
    access-list 101 deny ip x.x.x.x 0.0.0.7 any
    access-list 101 deny ip 0.0.0.0 0.255.255.255 any
    access-list 101 deny ip 10.0.0.0 0.255.255.255 any
    access-list 101 deny ip 127.0.0.0 0.255.255.255 any
    access-list 101 deny ip 169.254.0.0 0.0.255.255 any
    access-list 101 deny ip 172.16.0.0 0.15.255.255 any
    access-list 101 deny ip 192.0.2.0 0.0.0.255 any
    access-list 101 deny ip 192.168.0.0 0.0.255.255 any
    access-list 101 deny ip 198.18.0.0 0.1.255.255 any
    access-list 101 deny ip 224.0.0.0 0.15.255.255 any
    access-list 101 deny ip any host 255.255.255.255
    access-list 101 permit ip any host x.x.x.x
    access-list 101 permit ip any host x.x.x.x
    access-list 101 permit ip any host x.x.x.x
    access-list 101 permit ip any host x.x.x.x
    access-list 101 permit ip any host x.x.x.x
    access-list 101 permit ip any host x.x.x.x
    access-list 101 permit udp any any eq ntp
    access-list 101 permit udp any any eq domain
    access-list 101 permit gre any host x.x.x.x
    access-list 101 permit udp host 203.161.127.1 host x.x.x.x
    access-list 101 permit udp host 203.153.224.42 host x.x.x.x
    access-list 101 deny ip any any log
    access-list 102 remark Traffic allowed to router from Ethernet
    access-list 102 permit icmp any any
    access-list 102 permit tcp any any established
    access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
    access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
    access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
    access-list 102 deny ip any 169.254.0.0 0.0.255.255 log
    access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
    access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
    access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
    access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
    access-list 102 permit ip host x.x.x.x any
    access-list 102 permit ip host x.x.x.x any
    access-list 102 permit ip host x.x.x.x any
    access-list 102 permit ip host x.x.x.x any
    access-list 102 permit ip host x.x.x.x any
    access-list 102 permit ip host x.x.x.x any
    access-list 102 deny ip any host 116.212.213.255
    access-list 102 deny udp any any eq tftp log
    access-list 102 deny udp any any eq 135 log
    access-list 102 deny tcp any any eq 135 log
    access-list 102 deny udp any any eq netbios-ns log
    access-list 102 deny udp any any eq netbios-dgm log
    access-list 102 deny tcp any any eq 445 log
    access-list 102 deny ip any host 255.255.255.255
    access-list 102 deny ip any any log
    snmp-server community public RW
    snmp-server community private RO
    snmp-server location AFF Balcatta
    snmp-server contact AFF IT Dept
    snmp-server system-shutdown
    snmp-server enable traps tty
    no cdp run
    route-map clear-df permit 10
    match ip address 5
    set ip df 0
    !
    !
    control-plane
    !
    !
    line con 0
    exec-timeout 60 0
    no modem enable
    stopbits 1
    line aux 0
    stopbits 1
    line vty 0 4
    access-class 2 in
    exec-timeout 120 0
    login local
    length 0
    !
    scheduler max-task-time 5000
    sntp server 128.250.36.2
    end
     
    Scooty, Jun 14, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?TWFyay1XaXJlbGVzcw==?=

    DNS cahce or something else?

    =?Utf-8?B?TWFyay1XaXJlbGVzcw==?=, Nov 20, 2004, in forum: Wireless Networking
    Replies:
    0
    Views:
    594
    =?Utf-8?B?TWFyay1XaXJlbGVzcw==?=
    Nov 20, 2004
  2. graeme@invalid
    Replies:
    5
    Views:
    18,357
    Randy
    Jun 9, 2011
  3. john doe
    Replies:
    0
    Views:
    2,765
    john doe
    Nov 9, 2003
  4. cci admin

    nat traversal or something else

    cci admin, Apr 22, 2004, in forum: Cisco
    Replies:
    5
    Views:
    3,434
    cci admin
    Apr 22, 2004
  5. Blobby J Blobdom

    Qhost or something else??

    Blobby J Blobdom, Oct 9, 2003, in forum: Computer Support
    Replies:
    14
    Views:
    854
    Blobby J Blobdom
    Oct 15, 2003
Loading...

Share This Page