[BULK] [cisco-nas] Weird Dialup Web Browsing Problem

Aaron Leonard Aaron at Cisco.COM
Wed Jun 30 21:12:12 EDT 2004


My hunch is that the addresses that are being assigned during
the "cannot view web pages" time are not fully routable for some reason.

For example, I have seen a customer suffer from behavior such as
you describe when using multiple RADIUS servers that were uncoordinatedly
assigning addresses from overlapping pools.  Or maybe you might
have a local address pool the upper part of which conflicts with
another route somewhere.

At the time when the problem occurs, I suggest trying a traceroute
from the core to a problem client IP address and see where that
takes you.  (And also traceroute from the client towards the core.)

(Just a hunch ...)

Aaron

---

> I forgot to mention......To be able to veiw webpages after this happens the
> computer needs to be rebooted.

> Just hanging up and redialing will not fix it.

> Mel

> ----- Original Message -----
> From: "Melvin C. Etheridge" <mele at enia.net>
> To: <cisco-nas at puck.nether.net>
> Cc: <cisco-nsp at puck.nether.net>
> Sent: Wednesday, June 30, 2004 7:48 PM
> Subject: [BULK] [cisco-nas] Weird Dialup Web Browsing Problem


> > OK...
> >
> > I'm running a Cisco 5300 with 192 Mica Modems,  12.3(6a) and Mica Firmware
> > 2.9.5.0.
> >
> > Some, but not all users cannot view web pages.  Or they can view web pages
> > for about 10 minutes and then stops.
> >
> > At some point I reproduced this in the office on a Laptop dialing up. IE
> > would stop browsing after almost 10 minutes to the second.
> >
> >  I had the same problem dialing in from out of town this past weekend both
> > on our 800 number and ld direct.
> >
> > You can still ping www.xyz.com and it will resolve the domain name and
> > answer back.
> >
> > YOU can TELNET into the 5300.  I can also enable the http server on the
> 5300
> > and veiw it's web pages but I cannot
> > view any pages past it.
> >
> > I've tried turning header copression on,  I've tried turning it
> off....I've
> > tried a zillion different MTU settings...etc.....
> >
> > I AM AT MY WITS END!!!
> >
> > If anyone can help I would appreciate it!!!!!!
> >
> > Mel
> >
> >
> > Here's a sample of my config.
> >
> > sh conf
> > Using 5725 out of 126968 bytes
> > !
> > version 12.3
> > service timestamps debug datetime msec
> > service timestamps log uptime
> > service password-encryption
> > service internal
> > !
> > hostname Cisco5300.enia.net
> > !
> > boot-start-marker
> > boot-end-marker
> > !
> > no logging buffered
> > no logging console
> > enable password 7 141101525854
> > !
> > username mele privilege 15 password 7 1303044B5F5C
> > spe 1/0 1/7
> >  firmware location system:/ucode/mica_port_firmware
> > spe 2/0 2/7
> >  firmware location system:/ucode/mica_port_firmware
> > !
> > resource-pool disable
> > clock timezone est -5
> > clock summer-time EDT recurring
> > !
> > calltracker enable
> > calltracker history max-size 100
> > modem country mica usa
> > aaa new-model
> > !
> > !
> > aaa authentication login dialin group radius
> > aaa authentication ppp default group radius
> > aaa authentication ppp dialin group radius
> > aaa authorization network default group radius
> > aaa accounting update newinfo
> > aaa accounting network default start-stop group radius
> > aaa session-id common
> > ip subnet-zero
> > ip cef
> > ip tcp path-mtu-discovery
> > ip domain name enia.net
> > !
> > async-bootp subnet-mask 255.255.254.0
> > async-bootp dns-server 12.31.84.2 12.31.84.5
> > !
> > modemcap entry
> >
> cisco:MSC=&F&D2S54=16584S0=0S29=12S21=15S62=8S63=3S34=18000S40=10S10=50S65=1
> > 024
> > modemcap entry
> >
> noV92orV44:MSC=&F&D3S0=0S29=6S21=3S34=18000S40=10S10=50S62=0S63=0s45=5s53=0
> > modemcap entry V90:MSC=&F&D2S0=0S29=6S21=3S34=18000S40=10S10=50
> > modemcap entry v90:MSC=&F&D2S0=0S29=6S21=3S34=18000S40=10S10=50s53=0
> > !
> > !
> > controller T1 0
> >  framing esf
> >  clock source line primary
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > controller T1 1
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > controller T1 2
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > controller T1 3
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > controller T1 4
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > controller T1 5
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > controller T1 6
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> >  controller T1 7
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-fgb
> > !
> > !
> > interface Loopback1
> >  ip address 12.31.85.1 255.255.255.0
> > !
> > interface Ethernet0
> >  no ip address
> >  shutdown
> >  no cdp enable
> > !
> > interface Serial0
> >  no ip address
> >  shutdown
> >  clockrate 2015232
> >  no fair-queue
> >  no cdp enable
> > !
> > interface Serial1
> >  no ip address
> >  shutdown
> >  clockrate 2015232
> >  no fair-queue
> >  no cdp enable
> > !
> > interface Serial2
> >  no ip address
> >  shutdown
> >  clockrate 2015232
> >  no fair-queue
> >  no cdp enable
> > !
> > interface Serial3
> >  no ip address
> >  shutdown
> >  clockrate 2015232
> >  no fair-queue
> >  no cdp enable
> > !
> > interface FastEthernet0
> >  ip address 12.31.84.6 255.255.255.0
> >  ip access-group 115 in
> >  ip access-group 115 out
> >  no ip redirects
> >  ip policy route-map SMTP-Redirect
> >  duplex half
> >  speed 10
> >  no cdp enable
> > !
> > interface Group-Async1
> >  ip unnumbered Loopback1
> >  no ip redirects
> >  no ip unreachables
> >  encapsulation ppp
> >  ip tcp header-compression passive
> >  ip policy route-map SMTP-Redirect
> >  dialer in-band
> >  dialer idle-timeout 480
> >  dialer-group 1
> >  async dynamic address
> >  async dynamic routing
> >  async mode interactive
> >  peer default ip address pool dialup
> >  no fair-queue
> >  ppp authentication pap callin
> >  ppp ipcp header-compression ack
> >  ppp ipcp dns 12.31.84.2 12.31.84.5
> >  ppp ipcp mask 255.255.254.0
> >  ppp timeout aaa
> >  group-range 1 192
> > !
> > interface Dialer1
> >  ip unnumbered FastEthernet0
> >  encapsulation ppp
> >  ip tcp header-compression passive
> >  dialer in-band
> >  dialer-group 1
> >  peer default ip address pool dialup
> >  no cdp enable
> >  ppp authentication pap
> > !
> > router eigrp 10
> >  network 12.0.0.0
> >  auto-summary
> > !
> > ip local pool dialup 12.31.85.10 12.31.85.202
> > ip default-gateway 12.31.84.1
> > ip classless
> > ip http server
> > !
> > !
> > logging trap debugging
> > logging 12.31.84.2
> > access-list 100 remark smtp redirect of 12.31.85.0 to 12.31.84.2
> > access-list 100 permit tcp 12.31.85.0 0.0.0.255 any eq smtp
> > access-list 115 deny   tcp any any eq 135
> > access-list 115 deny   udp any any eq 135
> > access-list 115 deny   udp any any eq netbios-ns
> > access-list 115 deny   udp any any eq netbios-dgm
> > access-list 115 deny   tcp any any eq 139
> > access-list 115 deny   udp any any eq netbios-ss
> > access-list 115 deny   tcp any any eq 445
> > access-list 115 deny   tcp any any eq 593
> > access-list 115 deny   tcp any any eq 1243
> > access-list 115 deny   tcp any any eq 1433
> > access-list 115 deny   udp any any eq 1434
> > access-list 115 deny   tcp any range 3127 3198 any
> > access-list 115 deny   tcp any any eq 4444
> > access-list 115 deny   tcp any any eq 27374
> > access-list 115 permit ip any any
> > access-list 199 permit icmp any any echo
> > access-list 199 permit icmp any any echo-reply
> > dialer-list 1 protocol ip permit
> > no cdp run
> > route-map SMTP-Redirect permit 20
> >  match ip address 100
> >  set ip next-hop 12.31.84.2
> > !
> > route-map nachi-worm permit 10
> >  match ip address 199
> >  match length 92 92
> >  set interface Null0
> > !
> > snmp-server community uv36ucr4q4t56yrq RW
> > snmp-server location enia.net statesboro, ga
> > snmp-server contact Melvin C. Etheridge 912.541.0091
> > snmp-server enable traps tty
> > radius-server host 12.31.84.2 auth-port 1645 acct-port 1646
> > radius-server retransmit 6
> > radius-server timeout 15
> > radius-server key 7 046A2A3C5F70151C191508
> > !
> > line con 0
> >  session-timeout 35791
> >  exec-timeout 35791 0
> >  timeout login response 300
> >  absolute-timeout 10000
> > line 1 192
> >  session-timeout 700
> >  absolute-timeout 1200
> >  session-limit 1
> >  modem Dialin
> >  modem autoconfigure type noV92orV44
> >  autoselect ppp
> > line aux 0
> > line vty 0
> >  session-timeout 35791
> >  exec-timeout 35791 0
> >  timeout login response 300
> >  absolute-timeout 10000
> >  login authentication local
> > line vty 1 4
> >  session-timeout 35791
> >  exec-timeout 35791 0
> >  timeout login response 300
> >  absolute-timeout 10000
> >  !
> > end
> >
> > Cisco5300.enia.net#
> >
> >
> > _______________________________________________
> > cisco-nas mailing list
> > cisco-nas at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nas


> _______________________________________________
> cisco-nas mailing list
> cisco-nas at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas


More information about the cisco-nas mailing list