Cisco 857 Ethernet0 wont stay up unless constant ping is done.

This is so very strange. My Cisco 857 router has been working
perfectly for the last 9 months or so. I configured it 9 months ago
and i have touched it since. Yesterday the ethernet port (VLAN1) kept
going down all day long for some reason. I figured out that if I let a
ping program run, ping -t 10.1.1.50, on a pc, the ethernet port would
stay up. Once I stopped pinging the router the ethernet port would go
down about 2 minutes later. When I say that the ethernet port would go
down what I mean is that it would not respond to a ping, it would just
time out and the ethernet port light on the router would stay on like
nothing was wrong. I'm completely lost on this one!!!!!! Below is my
current running config:


Building configuration...

Current configuration : 5525 bytes
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname bellsouth.net
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$ghu0$fmHrW6.2x8DW5q3XCG8cP1
!
username miamidsl privilege 15 secret 5 $1$N1KI$Eb43d3jltzi4.f9NAwVBH.
username ericb secret 5 $1$PIg/$zyHw8QlRA7M0TRllf4iF30
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
aaa session-id common
ip subnet-zero
no ip source-route
ip dhcp excluded-address 10.1.1.1 10.1.1.50
!
ip dhcp pool sdm-pool1
import all
network 10.1.1.0 255.255.255.0
default-router 10.1.1.50
dns-server 10.1.1.3 205.152.144.23
lease infinite
!
!
ip cef
ip inspect name mail-guard esmtp timeout 30
ip tcp synwait-time 10
no ip bootp server
ip domain name bellsouth.net
ip name-server 205.152.144.23
ip name-server 205.152.132.23
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable
!
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 3
encr 3des
group 2
!
crypto isakmp client configuration group remote
key chevytre
dns 10.1.1.3 205.152.144.23
pool SDM_POOL_1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA1
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_2
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_2
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
no ip address
no cdp enable
!
interface FastEthernet1
no ip address
no cdp enable
!
interface FastEthernet2
no ip address
no cdp enable
!
interface FastEthernet3
no ip address
no cdp enable
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.1.1.50 255.255.255.0
ip access-group 101 in
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
description $FW_OUTSIDE$
ip address 65.83.180.246 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname
ppp chap password 0 domco1
ppp pap sent-username password 0 domco1
!
interface Dialer1
mtu 1492
no ip address
no cdp enable
!
ip local pool SDM_POOL_1 10.1.1.200 10.1.1.250
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.1.2.0 255.255.255.0 10.1.1.100
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source static tcp 10.1.1.3 500 interface Dialer0 500
ip nat inside source static tcp 10.1.1.3 1701 interface Dialer0 1701
ip nat inside source static tcp 10.1.1.3 1723 interface Dialer0 1723
ip nat inside source static tcp 10.1.1.1 8476 interface Dialer0 8476
ip nat inside source static tcp 10.1.1.1 8475 interface Dialer0 8475
ip nat inside source static tcp 10.1.1.1 8474 interface Dialer0 8474
ip nat inside source static tcp 10.1.1.1 8473 interface Dialer0 8473
ip nat inside source static tcp 10.1.1.1 8472 interface Dialer0 8472
ip nat inside source static tcp 10.1.1.1 8471 interface Dialer0 8471
ip nat inside source static tcp 10.1.1.1 8470 interface Dialer0 8470
ip nat inside source static tcp 10.1.1.1 449 interface Dialer0 449
ip nat inside source static tcp 10.1.1.1 23 interface Dialer0 23
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
ip nat inside source route-map SDM_RMAP_2 interface Dialer0 overload
ip nat inside source static tcp 10.1.1.60 3389 interface Dialer0 3389
!
logging trap debugging
logging 10.1.1.50
access-list 100 permit ip 10.1.1.0 0.0.0.255 any
access-list 120 permit ip 10.1.2.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 100
!
route-map SDM_RMAP_2 permit 1
match ip address 120
!
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport preferred all
transport output telnet
line aux 0
transport preferred all
transport output telnet
line vty 0 4
transport preferred all
transport input telnet ssh
transport output all
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

 

Forgot to add that if I power off the router and power it back on the
ethernet0 port comes back up and works for a few minutes then goes down
again.

 

Are there any relevant messages in the logging buffer ( show log) ?

 

A couple of suggestions:-

1.
Duplicate IP address?

2.
You have it appears somewhat compromised security. IIRC port 449
may allow login attempts to Windows (10.1.1.1) for example.

Maybe your network if full of traffic that is not yours?

 

Hey all!! Thanks for the responses.

The first thing I look for when something like this happens is for a
compromised PC that's connecting to a IRC server for DDoS attacks.
This didn't appear to be the case. There was almost no traffic going
outbound on the router. There was also almost no traffic on the
internal network at the router.

After talking with a guy at work he mentioned that the night before we
had a small power surge. So after working with Cisco a bit they
concluded that there was an apparent power surge that traveled through
the ethernet cable and caused damage to the internal 4 port switch on
the router.

I simply plugged in a backup router, older cisco, and everything is
fine. No problems at all.