Cisco 857 Ethernet0 wont stay up unless constant ping is done.

Discussion in 'Cisco' started by underzen, Jun 23, 2006.

  1. underzen

    underzen Guest

    This is so very strange. My Cisco 857 router has been working
    perfectly for the last 9 months or so. I configured it 9 months ago
    and i have touched it since. Yesterday the ethernet port (VLAN1) kept
    going down all day long for some reason. I figured out that if I let a
    ping program run, ping -t 10.1.1.50, on a pc, the ethernet port would
    stay up. Once I stopped pinging the router the ethernet port would go
    down about 2 minutes later. When I say that the ethernet port would go
    down what I mean is that it would not respond to a ping, it would just
    time out and the ethernet port light on the router would stay on like
    nothing was wrong. I'm completely lost on this one!!!!!! Below is my
    current running config:


    Building configuration...

    Current configuration : 5525 bytes
    !
    version 12.3
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    no service password-encryption
    service sequence-numbers
    !
    hostname bellsouth.net
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 51200 debugging
    logging console critical
    enable secret 5 $1$ghu0$fmHrW6.2x8DW5q3XCG8cP1
    !
    username miamidsl privilege 15 secret 5 $1$N1KI$Eb43d3jltzi4.f9NAwVBH.
    username ericb secret 5 $1$PIg/$zyHw8QlRA7M0TRllf4iF30
    clock timezone PCTime -5
    clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
    aaa new-model
    !
    !
    aaa authentication login default local
    aaa authentication login sdm_vpn_xauth_ml_1 local
    aaa authentication login sdm_vpn_xauth_ml_2 local
    aaa authorization exec default local
    aaa authorization network sdm_vpn_group_ml_1 local
    aaa authorization network sdm_vpn_group_ml_2 local
    aaa session-id common
    ip subnet-zero
    no ip source-route
    ip dhcp excluded-address 10.1.1.1 10.1.1.50
    !
    ip dhcp pool sdm-pool1
    import all
    network 10.1.1.0 255.255.255.0
    default-router 10.1.1.50
    dns-server 10.1.1.3 205.152.144.23
    lease infinite
    !
    !
    ip cef
    ip inspect name mail-guard esmtp timeout 30
    ip tcp synwait-time 10
    no ip bootp server
    ip domain name bellsouth.net
    ip name-server 205.152.144.23
    ip name-server 205.152.132.23
    ip ssh time-out 60
    ip ssh authentication-retries 2
    no ftp-server write-enable
    !
    !
    !
    !
    !
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp policy 3
    encr 3des
    group 2
    !
    crypto isakmp client configuration group remote
    key chevytre
    dns 10.1.1.3 205.152.144.23
    pool SDM_POOL_1
    !
    !
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
    !
    crypto dynamic-map SDM_DYNMAP_1 1
    set transform-set ESP-3DES-SHA1
    reverse-route
    !
    !
    crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_2
    crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_2
    crypto map SDM_CMAP_1 client configuration address respond
    crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
    !
    !
    !
    interface ATM0
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip route-cache flow
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0.1 point-to-point
    description $ES_WAN$$FW_OUTSIDE$
    pvc 8/35
    pppoe-client dial-pool-number 1
    !
    !
    interface FastEthernet0
    no ip address
    no cdp enable
    !
    interface FastEthernet1
    no ip address
    no cdp enable
    !
    interface FastEthernet2
    no ip address
    no cdp enable
    !
    interface FastEthernet3
    no ip address
    no cdp enable
    !
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
    ip address 10.1.1.50 255.255.255.0
    ip access-group 101 in
    ip verify unicast reverse-path
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip virtual-reassembly
    ip route-cache flow
    ip tcp adjust-mss 1452
    !
    interface Dialer0
    description $FW_OUTSIDE$
    ip address 65.83.180.246 255.255.255.240
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    ip route-cache flow
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap pap callin
    ppp chap hostname
    ppp chap password 0 domco1
    ppp pap sent-username password 0 domco1
    !
    interface Dialer1
    mtu 1492
    no ip address
    no cdp enable
    !
    ip local pool SDM_POOL_1 10.1.1.200 10.1.1.250
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    ip route 10.1.2.0 255.255.255.0 10.1.1.100
    !
    ip http server
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 600 life 86400 requests 10000
    ip nat inside source static tcp 10.1.1.3 500 interface Dialer0 500
    ip nat inside source static tcp 10.1.1.3 1701 interface Dialer0 1701
    ip nat inside source static tcp 10.1.1.3 1723 interface Dialer0 1723
    ip nat inside source static tcp 10.1.1.1 8476 interface Dialer0 8476
    ip nat inside source static tcp 10.1.1.1 8475 interface Dialer0 8475
    ip nat inside source static tcp 10.1.1.1 8474 interface Dialer0 8474
    ip nat inside source static tcp 10.1.1.1 8473 interface Dialer0 8473
    ip nat inside source static tcp 10.1.1.1 8472 interface Dialer0 8472
    ip nat inside source static tcp 10.1.1.1 8471 interface Dialer0 8471
    ip nat inside source static tcp 10.1.1.1 8470 interface Dialer0 8470
    ip nat inside source static tcp 10.1.1.1 449 interface Dialer0 449
    ip nat inside source static tcp 10.1.1.1 23 interface Dialer0 23
    ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
    ip nat inside source route-map SDM_RMAP_2 interface Dialer0 overload
    ip nat inside source static tcp 10.1.1.60 3389 interface Dialer0 3389
    !
    logging trap debugging
    logging 10.1.1.50
    access-list 100 permit ip 10.1.1.0 0.0.0.255 any
    access-list 120 permit ip 10.1.2.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    no cdp run
    route-map SDM_RMAP_1 permit 1
    match ip address 100
    !
    route-map SDM_RMAP_2 permit 1
    match ip address 120
    !
    !
    control-plane
    !
    banner login ^CAuthorized access only!
    Disconnect IMMEDIATELY if you are not an authorized user!^C
    !
    line con 0
    no modem enable
    transport preferred all
    transport output telnet
    line aux 0
    transport preferred all
    transport output telnet
    line vty 0 4
    transport preferred all
    transport input telnet ssh
    transport output all
    !
    scheduler max-task-time 5000
    scheduler allocate 4000 1000
    scheduler interval 500
    end
     
    underzen, Jun 23, 2006
    #1
    1. Advertisements

  2. underzen

    underzen Guest

    Forgot to add that if I power off the router and power it back on the
    ethernet0 port comes back up and works for a few minutes then goes down
    again.
     
    underzen, Jun 23, 2006
    #2
    1. Advertisements

  3. underzen

    Merv Guest

    Are there any relevant messages in the logging buffer ( show log) ?
     
    Merv, Jun 24, 2006
    #3
  4. underzen

    anybody43 Guest

    A couple of suggestions:-

    1.
    Duplicate IP address?

    2.
    You have it appears somewhat compromised security. IIRC port 449
    may allow login attempts to Windows (10.1.1.1) for example.

    Maybe your network if full of traffic that is not yours?
     
    anybody43, Jun 26, 2006
    #4
  5. underzen

    underzen Guest

    Hey all!! Thanks for the responses.

    The first thing I look for when something like this happens is for a
    compromised PC that's connecting to a IRC server for DDoS attacks.
    This didn't appear to be the case. There was almost no traffic going
    outbound on the router. There was also almost no traffic on the
    internal network at the router.

    After talking with a guy at work he mentioned that the night before we
    had a small power surge. So after working with Cisco a bit they
    concluded that there was an apparent power surge that traveled through
    the ethernet cable and caused damage to the internal 4 port switch on
    the router.

    I simply plugged in a backup router, older cisco, and everything is
    fine. No problems at all.
     
    underzen, Jun 27, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.