Hi
i have a 2651 router for analog lines
the problem is from yesterday suddenly my users bandwitch go down
after i reload the router it will be ok for 1-2 hours
here's my config
Current configuration : 5115 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname R2651
!
logging buffered 10000 debugging
aaa new-model
aaa authentication login default local
aaa authentication ppp default group radius local
aaa authorization network default if-authenticated
aaa accounting update newinfo
aaa accounting network default start-stop group radius
aaa accounting system default start-stop group radius
!
ip subnet-zero
no ip icmp rate-limit unreachable
ip icmp rate-limit unreachable DF 100
ip rcmd rsh-enable
ip flow-cache feature-accelerate
ip cef
!
!
ip host router 23 80.191.231.55
ip name-server 217.218.127.104
ip name-server 217.218.127.105
ip name-server 217.218.127.106
!
!
class-map match-any http-hacks
match protocol http url "*.ida*"
match protocol http url "*cmd.exe*"
match protocol http url "*root.exe*"
match protocol http url "*readme.eml*"
class-map match-any arp
match protocol arp
!
!
policy-map ratelimitarp
class arp
police 8000 1500 1500 conform-action transmit exceed-action drop violate-a
tion drop
!
!
!
!
interface FastEthernet0/0
description connected to internet
ip address x.x.x.x 255.255.255.192
no ip unreachables
ip wccp web-cache redirect out
ip nat outside
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
interface FastEthernet0/0.520
no ip route-cache
no ip mroute-cache
!
interface Serial0/0
ip unnumbered FastEthernet0/0
ip wccp web-cache redirect out
ip nat outside
no ip mroute-cache
shutdown
no fair-queue
no cdp enable
!
interface FastEthernet0/1
description connected to acounting server
ip address x.x.x.x 255.255.255.192
ip access-group 115 in
ip access-group 115 out
duplex auto
speed auto
!
interface Group-Async0
physical-layer async
no ip address
no group-range
!
interface Group-Async1
description connected
ip unnumbered FastEthernet0/0
ip nat inside
encapsulation ppp
ip route-cache flow
ip tcp header-compression passive
no ip mroute-cache
no logging event link-status
async mode dedicated
peer default ip address pool private2
compress mppc
ppp authentication chap pap
group-range 33 64
!
ip local pool private1 10.186.100.240 10.186.100.242
ip local pool private2 192.168.1.1 192.168.1.50
ip nat translation max-entries 4096
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source list 2 interface FastEthernet0/0 overload
ip classless
no ip forward-protocol udp bootps
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 0.0.0.0 0.0.0.0 x.x.x.x
no ip http server
ip pim bidir-enable
!
logging history size 500
access-list 1 permit 10.186.100.192 0.0.0.63
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 15 permit 10.186.100.250
access-list 115 permit ip 10.186.100.192 0.0.0.63 any
access-list 115 deny ip any any
access-list 117 deny tcp any any eq tacacs
access-list 117 deny tcp any any eq 8085
access-list 117 deny tcp any any eq 5554
access-list 117 deny tcp any any eq 9996
access-list 117 deny udp any any eq 4257
access-list 117 deny udp any any eq 1434
access-list 117 deny tcp any any eq 6667
access-list 117 deny tcp any any eq telnet
access-list 117 deny tcp any any eq 135
access-list 117 deny tcp any any eq 139
access-list 117 deny tcp any any eq 445
access-list 117 deny tcp any any eq 4444
access-list 117 deny tcp any any eq 707
access-list 117 deny udp any any eq 135
access-list 117 deny udp any any eq netbios-ss
access-list 117 deny udp any any eq 445
access-list 117 deny udp any any eq netbios-ns
access-list 117 deny udp any any eq netbios-dgm
access-list 117 deny icmp any any echo
access-list 117 deny icmp any any echo-reply
access-list 117 deny icmp any any redirect
access-list 117 deny ip 127.0.0.0 0.255.255.255 any
access-list 117 deny ip 224.0.0.0 31.255.255.255 any
access-list 117 deny ip host 0.0.0.0 any
access-list 117 deny ip 10.0.0.0 0.255.255.255 any
access-list 117 deny ip 172.16.0.0 0.0.255.255 any
access-list 117 permit ip any any
snmp-server community seaf_42 RW 15
snmp-server community ehsan RO
snmp-server trap link ietf
radius-server configure-nas
radius-server host 10.186.100.250 auth-port 26164 acct-port 26165
radius-server retransmit 3
radius-server key 7 044904131B245E
!
line con 0
line 33 64
modem answer-timeout 10
modem Dialin
modem autoconfigure discovery
terminal-type vt100
transport input all
escape-character BREAK
autoselect during-login
autoselect ppp
autohangup
speed 115200
flowcontrol hardware
line aux 0
modem autoconfigure discovery
line vty 0 1
session-timeout 60
exec-timeout 0 0
password 7 14121A180D0A
logging synchronous
modem autoconfigure discovery
line vty 2 4
session-timeout 60
exec-timeout 0 0
password 7 14121A180D0A
logging synchronous
line vty 5 15
logging synchronous
!
no scheduler allocate
end
موضوعات مشابه: