[cisco-nas] Weird Dialup Web Browsing Problem
Melvin C. Etheridge
mele at enia.net
Wed Jun 30 19:48:17 EDT 2004
OK...
I'm running a Cisco 5300 with 192 Mica Modems, 12.3(6a) and Mica Firmware
2.9.5.0.
Some, but not all users cannot view web pages. Or they can view web pages
for about 10 minutes and then stops.
At some point I reproduced this in the office on a Laptop dialing up. IE
would stop browsing after almost 10 minutes to the second.
I had the same problem dialing in from out of town this past weekend both
on our 800 number and ld direct.
You can still ping www.xyz.com and it will resolve the domain name and
answer back.
YOU can TELNET into the 5300. I can also enable the http server on the 5300
and veiw it's web pages but I cannot
view any pages past it.
I've tried turning header copression on, I've tried turning it off....I've
tried a zillion different MTU settings...etc.....
I AM AT MY WITS END!!!
If anyone can help I would appreciate it!!!!!!
Mel
Here's a sample of my config.
sh conf
Using 5725 out of 126968 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log uptime
service password-encryption
service internal
!
hostname Cisco5300.enia.net
!
boot-start-marker
boot-end-marker
!
no logging buffered
no logging console
enable password 7 141101525854
!
username mele privilege 15 password 7 1303044B5F5C
spe 1/0 1/7
firmware location system:/ucode/mica_port_firmware
spe 2/0 2/7
firmware location system:/ucode/mica_port_firmware
!
resource-pool disable
clock timezone est -5
clock summer-time EDT recurring
!
calltracker enable
calltracker history max-size 100
modem country mica usa
aaa new-model
!
!
aaa authentication login dialin group radius
aaa authentication ppp default group radius
aaa authentication ppp dialin group radius
aaa authorization network default group radius
aaa accounting update newinfo
aaa accounting network default start-stop group radius
aaa session-id common
ip subnet-zero
ip cef
ip tcp path-mtu-discovery
ip domain name enia.net
!
async-bootp subnet-mask 255.255.254.0
async-bootp dns-server 12.31.84.2 12.31.84.5
!
modemcap entry
cisco:MSC=&F&D2S54=16584S0=0S29=12S21=15S62=8S63=3S34=18000S40=10S10=50S65=1
024
modemcap entry
noV92orV44:MSC=&F&D3S0=0S29=6S21=3S34=18000S40=10S10=50S62=0S63=0s45=5s53=0
modemcap entry V90:MSC=&F&D2S0=0S29=6S21=3S34=18000S40=10S10=50
modemcap entry v90:MSC=&F&D2S0=0S29=6S21=3S34=18000S40=10S10=50s53=0
!
!
controller T1 0
framing esf
clock source line primary
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 1
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 2
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 3
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 4
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 5
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 6
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 7
framing esf
linecode b8zs
ds0-group 1 timeslots 1-24 type e&m-fgb
!
!
interface Loopback1
ip address 12.31.85.1 255.255.255.0
!
interface Ethernet0
no ip address
shutdown
no cdp enable
!
interface Serial0
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface Serial1
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface Serial2
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface Serial3
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface FastEthernet0
ip address 12.31.84.6 255.255.255.0
ip access-group 115 in
ip access-group 115 out
no ip redirects
ip policy route-map SMTP-Redirect
duplex half
speed 10
no cdp enable
!
interface Group-Async1
ip unnumbered Loopback1
no ip redirects
no ip unreachables
encapsulation ppp
ip tcp header-compression passive
ip policy route-map SMTP-Redirect
dialer in-band
dialer idle-timeout 480
dialer-group 1
async dynamic address
async dynamic routing
async mode interactive
peer default ip address pool dialup
no fair-queue
ppp authentication pap callin
ppp ipcp header-compression ack
ppp ipcp dns 12.31.84.2 12.31.84.5
ppp ipcp mask 255.255.254.0
ppp timeout aaa
group-range 1 192
!
interface Dialer1
ip unnumbered FastEthernet0
encapsulation ppp
ip tcp header-compression passive
dialer in-band
dialer-group 1
peer default ip address pool dialup
no cdp enable
ppp authentication pap
!
router eigrp 10
network 12.0.0.0
auto-summary
!
ip local pool dialup 12.31.85.10 12.31.85.202
ip default-gateway 12.31.84.1
ip classless
ip http server
!
!
logging trap debugging
logging 12.31.84.2
access-list 100 remark smtp redirect of 12.31.85.0 to 12.31.84.2
access-list 100 permit tcp 12.31.85.0 0.0.0.255 any eq smtp
access-list 115 deny tcp any any eq 135
access-list 115 deny udp any any eq 135
access-list 115 deny udp any any eq netbios-ns
access-list 115 deny udp any any eq netbios-dgm
access-list 115 deny tcp any any eq 139
access-list 115 deny udp any any eq netbios-ss
access-list 115 deny tcp any any eq 445
access-list 115 deny tcp any any eq 593
access-list 115 deny tcp any any eq 1243
access-list 115 deny tcp any any eq 1433
access-list 115 deny udp any any eq 1434
access-list 115 deny tcp any range 3127 3198 any
access-list 115 deny tcp any any eq 4444
access-list 115 deny tcp any any eq 27374
access-list 115 permit ip any any
access-list 199 permit icmp any any echo
access-list 199 permit icmp any any echo-reply
dialer-list 1 protocol ip permit
no cdp run
route-map SMTP-Redirect permit 20
match ip address 100
set ip next-hop 12.31.84.2
!
route-map nachi-worm permit 10
match ip address 199
match length 92 92
set interface Null0
!
snmp-server community uv36ucr4q4t56yrq RW
snmp-server location enia.net statesboro, ga
snmp-server contact Melvin C. Etheridge 912.541.0091
snmp-server enable traps tty
radius-server host 12.31.84.2 auth-port 1645 acct-port 1646
radius-server retransmit 6
radius-server timeout 15
radius-server key 7 046A2A3C5F70151C191508
!
line con 0
session-timeout 35791
exec-timeout 35791 0
timeout login response 300
absolute-timeout 10000
line 1 192
session-timeout 700
absolute-timeout 1200
session-limit 1
modem Dialin
modem autoconfigure type noV92orV44
autoselect ppp
line aux 0
line vty 0
session-timeout 35791
exec-timeout 35791 0
timeout login response 300
absolute-timeout 10000
login authentication local
line vty 1 4
session-timeout 35791
exec-timeout 35791 0
timeout login response 300
absolute-timeout 10000
!
end
Cisco5300.enia.net#
More information about the cisco-nas
mailing list