[cisco-nas] As5300 crashes

John Lord lord at allturbo.com
Fri Oct 31 10:51:44 EST 2003 

Is anyone still having problems with worms crashing their nas's I have
an as5300 that is still locking up every couple weeks , ive added no ip
route-cache and ip cef to it but if I don't watch my network and kill
off infected users it will lockup every day , is there a fix or
something I need to add to my config? Here is my config below

As5300-Oc#sh conf
Using 4638 out of 124920 bytes
!
version 12.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname As5300-Oc
!
boot system flash:c5300-i-mz.122-15.T1.bin
logging queue-limit 100
logging buffered 10000 debugging
no logging console
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
username xxxxx password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
spe 1/0 1/7
 firmware location bootflash:mica-modem-pw.2.9.4.0.bin
spe 2/0 2/7
 firmware location bootflash:mica-modem-pw.2.9.4.0.bin
!
!
resource-pool disable
!
modem link-info poll time 10
aaa new-model
!
!
aaa authentication login default local group radius
aaa authentication login consoleport none
aaa authentication ppp default if-needed group radius
aaa authorization network default group radius 
aaa accounting delay-start 
aaa accounting update periodic 5
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius
aaa session-id common
ip subnet-zero

ip cef
ip finger
ip name-server 65.xxx.xxx.xxx
!
async-bootp dns-server 65.xxx.xxx.xxx 65.xxx.xxx.xxx
!
isdn switch-type primary-dms100
isdn voice-call-failure 0
modemcap entry
mica-nokflex:MSC=&F&D2S54=16584S0=0S29=12S21=15S62=8S63=3S34=18000S40=10
S10=50
!
!
controller T1 0
 framing esf
 clock source line primary
 linecode b8zs
 pri-group timeslots 1-24 nfas_d primary nfas_int 0 nfas_group 0
!         
controller T1 1
 framing esf
 clock source line secondary 1
 linecode b8zs
 pri-group timeslots 1-24 nfas_d backup nfas_int 1 nfas_group 0
!
controller T1 2
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 3
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 4
 shutdown
 framing sf
 linecode ami
!
controller T1 5
 shutdown
 framing sf
 linecode ami
!
controller T1 6
 shutdown
 framing sf
 linecode ami
!
controller T1 7
 shutdown
 framing sf
 linecode ami
!
!
interface Loopback0
 ip address 65.xxx.xxx.xxx 255.255.255.128
!
interface Serial0:23
 ip unnumbered Loopback0
 encapsulation ppp
 no ip route-cache
 dialer-group 1
 isdn switch-type primary-dms100
 isdn incoming-voice modem
 peer default ip address pool setup_pool
 fair-queue 64 256 0
 ppp authentication pap
 ppp multilink
!
interface Serial2:23
 ip unnumbered Loopback0
 encapsulation ppp
 no ip route-cache
 dialer-group 1
 isdn switch-type primary-dms100
 isdn incoming-voice modem
 peer default ip address pool setup_pool
 fair-queue 64 256 0
 ppp authentication pap
 ppp multilink
!
interface Serial3:23
 ip unnumbered Loopback0
 encapsulation ppp
 no ip route-cache
 dialer-group 1
 isdn switch-type primary-dms100
 isdn incoming-voice modem
 peer default ip address pool setup_pool
 fair-queue 64 256 0
 ppp authentication pap
 ppp multilink
!
interface FastEthernet0
 ip address 65.xxx.xxx.xxx 255.255.255.0
 no ip unreachables
 duplex full
 speed 100
 no cdp enable
!
interface Group-Async1
 ip unnumbered Loopback0
 no ip unreachables
 encapsulation ppp
 ip tcp header-compression
 async mode interactive
 peer default ip address pool setup_pool
 no keepalive
 ppp authentication pap
 group-range 1 192
!
ip local pool setup_pool 65.xxx.xxx.xxx 65.xxx.xxx.xxx
ip classless
ip route 0.0.0.0 0.0.0.0 65.xxx.xxx.xxx
no ip http server
!
!
!
!
access-list 101 permit ip any any
access-list 110 permit tcp any any established
access-list 110 deny   icmp any any echo log
access-list 110 deny   icmp any any echo-reply log
access-list 110 permit ip any any
dialer-list 1 protocol ip permit
snmp-server engineID local 000000090200003080BD40CA
snmp-server community xxxxxx RO
snmp-server enable traps tty
radius-server host 65.xxx.xxx.xxx auth-port 1812 acct-port 1813
non-standard
radius-server key 7 xxxxxxxxxx
radius-server authorization permit missing Service-Type
!
line con 0
 exec-timeout 0 0
 logging synchronous
line 1 192
 no flush-at-activation
 modem Dialin
 modem autoconfigure type mica-nokflex
 autocommand  ppp
 autoselect during-login
 autoselect ppp
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 xxxxxxxxxxxxx
!
scheduler interval 1000
end

John Lord
It Manager
AllTurbo Internet Services Inc
410-213-9388 Office
www.allturbo.com

More information about the cisco-nas mailing list