[cisco-nas] Weird Dialup Web Browsing Problem

Melvin C. Etheridge mele at enia.net
Wed Jun 30 19:48:17 EDT 2004


OK...

I'm running a Cisco 5300 with 192 Mica Modems,  12.3(6a) and Mica Firmware
2.9.5.0.

Some, but not all users cannot view web pages.  Or they can view web pages
for about 10 minutes and then stops.

At some point I reproduced this in the office on a Laptop dialing up. IE
would stop browsing after almost 10 minutes to the second.

 I had the same problem dialing in from out of town this past weekend both
on our 800 number and ld direct.

You can still ping www.xyz.com and it will resolve the domain name and
answer back.

YOU can TELNET into the 5300.  I can also enable the http server on the 5300
and veiw it's web pages but I cannot
view any pages past it.

I've tried turning header copression on,  I've tried turning it off....I've
tried a zillion different MTU settings...etc.....

I AM AT MY WITS END!!!

If anyone can help I would appreciate it!!!!!!

Mel


Here's a sample of my config.

sh conf
Using 5725 out of 126968 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log uptime
service password-encryption
service internal
!
hostname Cisco5300.enia.net
!
boot-start-marker
boot-end-marker
!
no logging buffered
no logging console
enable password 7 141101525854
!
username mele privilege 15 password 7 1303044B5F5C
spe 1/0 1/7
 firmware location system:/ucode/mica_port_firmware
spe 2/0 2/7
 firmware location system:/ucode/mica_port_firmware
!
resource-pool disable
clock timezone est -5
clock summer-time EDT recurring
!
calltracker enable
calltracker history max-size 100
modem country mica usa
aaa new-model
!
!
aaa authentication login dialin group radius
aaa authentication ppp default group radius
aaa authentication ppp dialin group radius
aaa authorization network default group radius
aaa accounting update newinfo
aaa accounting network default start-stop group radius
aaa session-id common
ip subnet-zero
ip cef
ip tcp path-mtu-discovery
ip domain name enia.net
!
async-bootp subnet-mask 255.255.254.0
async-bootp dns-server 12.31.84.2 12.31.84.5
!
modemcap entry
cisco:MSC=&F&D2S54=16584S0=0S29=12S21=15S62=8S63=3S34=18000S40=10S10=50S65=1
024
modemcap entry
noV92orV44:MSC=&F&D3S0=0S29=6S21=3S34=18000S40=10S10=50S62=0S63=0s45=5s53=0
modemcap entry V90:MSC=&F&D2S0=0S29=6S21=3S34=18000S40=10S10=50
modemcap entry v90:MSC=&F&D2S0=0S29=6S21=3S34=18000S40=10S10=50s53=0
!
!
controller T1 0
 framing esf
 clock source line primary
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 1
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 2
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 3
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 4
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 5
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
controller T1 6
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
 controller T1 7
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type e&m-fgb
!
!
interface Loopback1
 ip address 12.31.85.1 255.255.255.0
!
interface Ethernet0
 no ip address
 shutdown
 no cdp enable
!
interface Serial0
 no ip address
 shutdown
 clockrate 2015232
 no fair-queue
 no cdp enable
!
interface Serial1
 no ip address
 shutdown
 clockrate 2015232
 no fair-queue
 no cdp enable
!
interface Serial2
 no ip address
 shutdown
 clockrate 2015232
 no fair-queue
 no cdp enable
!
interface Serial3
 no ip address
 shutdown
 clockrate 2015232
 no fair-queue
 no cdp enable
!
interface FastEthernet0
 ip address 12.31.84.6 255.255.255.0
 ip access-group 115 in
 ip access-group 115 out
 no ip redirects
 ip policy route-map SMTP-Redirect
 duplex half
 speed 10
 no cdp enable
!
interface Group-Async1
 ip unnumbered Loopback1
 no ip redirects
 no ip unreachables
 encapsulation ppp
 ip tcp header-compression passive
 ip policy route-map SMTP-Redirect
 dialer in-band
 dialer idle-timeout 480
 dialer-group 1
 async dynamic address
 async dynamic routing
 async mode interactive
 peer default ip address pool dialup
 no fair-queue
 ppp authentication pap callin
 ppp ipcp header-compression ack
 ppp ipcp dns 12.31.84.2 12.31.84.5
 ppp ipcp mask 255.255.254.0
 ppp timeout aaa
 group-range 1 192
!
interface Dialer1
 ip unnumbered FastEthernet0
 encapsulation ppp
 ip tcp header-compression passive
 dialer in-band
 dialer-group 1
 peer default ip address pool dialup
 no cdp enable
 ppp authentication pap
!
router eigrp 10
 network 12.0.0.0
 auto-summary
!
ip local pool dialup 12.31.85.10 12.31.85.202
ip default-gateway 12.31.84.1
ip classless
ip http server
!
!
logging trap debugging
logging 12.31.84.2
access-list 100 remark smtp redirect of 12.31.85.0 to 12.31.84.2
access-list 100 permit tcp 12.31.85.0 0.0.0.255 any eq smtp
access-list 115 deny   tcp any any eq 135
access-list 115 deny   udp any any eq 135
access-list 115 deny   udp any any eq netbios-ns
access-list 115 deny   udp any any eq netbios-dgm
access-list 115 deny   tcp any any eq 139
access-list 115 deny   udp any any eq netbios-ss
access-list 115 deny   tcp any any eq 445
access-list 115 deny   tcp any any eq 593
access-list 115 deny   tcp any any eq 1243
access-list 115 deny   tcp any any eq 1433
access-list 115 deny   udp any any eq 1434
access-list 115 deny   tcp any range 3127 3198 any
access-list 115 deny   tcp any any eq 4444
access-list 115 deny   tcp any any eq 27374
access-list 115 permit ip any any
access-list 199 permit icmp any any echo
access-list 199 permit icmp any any echo-reply
dialer-list 1 protocol ip permit
no cdp run
route-map SMTP-Redirect permit 20
 match ip address 100
 set ip next-hop 12.31.84.2
!
route-map nachi-worm permit 10
 match ip address 199
 match length 92 92
 set interface Null0
!
snmp-server community uv36ucr4q4t56yrq RW
snmp-server location enia.net statesboro, ga
snmp-server contact Melvin C. Etheridge 912.541.0091
snmp-server enable traps tty
radius-server host 12.31.84.2 auth-port 1645 acct-port 1646
radius-server retransmit 6
radius-server timeout 15
radius-server key 7 046A2A3C5F70151C191508
!
line con 0
 session-timeout 35791
 exec-timeout 35791 0
 timeout login response 300
 absolute-timeout 10000
line 1 192
 session-timeout 700
 absolute-timeout 1200
 session-limit 1
 modem Dialin
 modem autoconfigure type noV92orV44
 autoselect ppp
line aux 0
line vty 0
 session-timeout 35791
 exec-timeout 35791 0
 timeout login response 300
 absolute-timeout 10000
 login authentication local
line vty 1 4
 session-timeout 35791
 exec-timeout 35791 0
 timeout login response 300
 absolute-timeout 10000
 !
end

Cisco5300.enia.net#




More information about the cisco-nas mailing list