871w hangs up VPN Dialer

Unanswered Question
Oct 23rd, 2010
User Badges:

Hello!


I have 871w set up as VPN client. Provider's cable is plugged into WAN port (FastEthernet 4) - that's now I access its LAN. Then I have to dial to their VPN server to access global internet. And the problem is that sometimes my dialer connection just hangs up and I can't debug the reason. It doesn't disconnect - just hangs and I can't even ping any host from cisco terminal (and from client computers too of course). I noticed however that this weird thing will 100% occure if I turn on torrent client or watch some videos on youtube. But it won't hang immediately - it can take an hour or some to happen. I tried to work without youtube and torrents - and got 3 days of stable uptime for example.


So what could it be? Looks like some buffer overflowing. But how do I debug? Here's my config, I removed wifi sections to make it a bit smaller:

!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname 871w
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging buffered
enable secret 5 $1$oW4O$dwbYXwqcD4QdS7VBrWaP0/
!
no aaa new-model
!
!
ip source-route
no ip gratuitous-arps
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.16.1.1
!
ip dhcp pool HOME
   import all
   network 10.16.1.0 255.255.255.0
   default-router 10.16.1.1
   dns-server 10.16.1.1
   lease 0 2
!
!
ip cef
ip domain timeout 1
ip host members.dyndns.org 204.13.248.112
ip multicast-routing
ip ddns update method DynDNS
HTTP
  add http://***=
  remove http://***=
interval maximum 28 0 0 0
!
no ipv6 cef
ntp master
ntp server 89.186.245.200 prefer
!
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group 22
request-dialin
  protocol pptp
  rotary-group 0
initiate-to ip 172.16.4.1
!
!
archive
log config
  hidekeys
!
!
bridge irb
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 172.23.10.59 255.255.255.0
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
speed auto
full-duplex
no cdp enable
!
interface Vlan1
no ip address
ip flow ingress
ip nat inside
ip virtual-reassembly
bridge-group 1
!
interface Dialer0
mtu 1450
ip address negotiated
ip pim dense-mode
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 22
no peer neighbor-route
no keepalive
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp chap hostname ***
ppp chap password 0 ***
ppp ipcp dns request
!
interface BVI1
ip address 10.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 81.200.144.0 255.255.240.0 172.23.10.1
ip route 94.198.216.0 255.255.248.0 172.23.10.1
ip route 95.154.112.64 255.255.255.192 172.23.10.1
ip route 95.154.113.0 255.255.255.128 172.23.10.1
ip route 172.16.0.0 255.240.0.0 172.23.10.1
ip route 192.168.0.0 255.255.0.0 172.23.10.1
no ip http server
no ip http secure-server
!
!
ip dns view default
domain timeout 1
domain resolver source-interface Dialer0
ip dns view-list default-list
ip dns server
ip dns spoofing
ip nat inside source list NAT_INTERNET interface Dialer0 overload
ip nat inside source list NAT_ISP interface FastEthernet4 overload
!
ip access-list extended NAT_INTERNET
deny   ip 10.16.1.0 0.0.0.255 172.0.0.0 0.255.255.255 log
deny   ip 10.16.1.0 0.0.0.255 81.200.144.0 0.0.0.255
deny   ip 10.16.1.0 0.0.0.255 94.198.216.0 0.0.0.255
deny   ip 10.16.1.0 0.0.0.255 95.154.112.0 0.0.0.255
deny   ip 10.16.1.0 0.0.0.255 95.154.113.0 0.0.0.255
deny   ip 10.16.1.0 0.0.0.255 192.168.0.0 0.0.255.255
permit ip 10.16.1.0 0.0.0.255 any
ip access-list extended NAT_ISP
remark From home LAN to ISP LAN
permit ip 10.16.1.0 0.0.0.255 any
!
logging trap debugging
dialer-list 22 protocol ip permit
no cdp run

!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
no modem enable
transport preferred none
line aux 0
line vty 0 4
privilege level 15
password ***
login
transport input telnet ssh
!
scheduler max-task-time 5000
end

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion