Hi Uli - thanks for the response
Yep - first release - serving me well ;-)
Have to say its disconnecting overnight or when heavy dloading - other than that its been good as gold
Only thing I've found out is the hold-queue 100 on eth0 in a forum but this hasn't made a diff.
I had 12.3(4)T4 ---> may try to get hold of soho97-k9oy1-mz.12.3-11.T6
In any case heres run info below: And I've added the run info the 12.3(4) afterwards that I tried in case you can see the problem with NAT
(I was running 10.0.0.X internally on that one - but I did try 10.10.10.X as I am currently using - even tried the web interface with it and no joy - v. confusing.)
Building configuration...
Current configuration : 3743 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname
!
logging count
logging buffered informational
logging console warnings
logging monitor informational
enable
!
username
ip subnet-zero
no ip source-route
ip name-server
ip name-server
ip dhcp excluded-address 10.10.10.10
!
no ip bootp server
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
no crypto isakmp enable
!
!
!
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
ip broadcast-address 10.10.10.255
ip access-group 122 out
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
no ip mroute-cache
atm vc-per-vp 64
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface Dialer1
ip address negotiated
ip access-group 111 in
ip nat outside
ip inspect myfw out
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication
ppp chap hostname
ppp chap password
ppp pap sent-username
hold-queue 224 in
!
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static udp 10.10.10.10 6881 interface Dialer1 6881
ip nat inside source static tcp 10.10.10.10 6881 interface Dialer1 6881
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
!
logging 10.10.10.10
access-list 102 permit ip 10.0.0.0 0.255.255.255 any
access-list 111 permit tcp any any eq 6881
access-list 111 permit udp any any eq 6881
access-list 111 permit udp any eq isakmp any eq isakmp
access-list 111 permit gre any any
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any time-exceeded
access-list 111 deny icmp any any administratively-prohibited
access-list 111 deny icmp any any echo
access-list 111 deny icmp any any packet-too-big
access-list 111 deny icmp any any unreachable
access-list 111 deny icmp any any
access-list 111 deny ip any any log
access-list 111 deny ip 192.168.0.0 0.0.255.255 any log
access-list 111 deny ip 172.16.0.0 0.15.255.255 any log
access-list 111 deny ip 10.0.0.0 0.255.255.255 any log
access-list 111 deny ip 127.0.0.0 0.255.255.255 any log
access-list 111 deny ip 255.0.0.0 0.255.255.255 any log
access-list 111 deny ip 224.0.0.0 31.255.255.255 any log
access-list 111 deny ip host 0.0.0.0 any log
access-list 122 permit ip any any
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 120 0
no modem enable
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
End
############################################################################ #############################
sh ver
Cisco IOS Software, SOHO97 Software (SOHO97-K9OY1-M), Version 12.3(4)T4, RELEAS
E SOFTWARE (fc2)
Technical Support:
formatting link
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Thu 11-Mar-04 22:31 by eaarmas
ROM: System Bootstrap, Version 12.2(8r)YN, RELEASE SOFTWARE (fc1)
uptime is 1 hour, 47 minutes
System returned to ROM by reload
System image file is "flash:soho97-k9oy1-mz.123-4.T4.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
formatting link
If you require further assistance please contact us by sending email to
snipped-for-privacy@cisco.com.
Cisco SOHO97 (MPC857DSL) processor (revision 0x400) with 29492K/3276K bytes of m
emory.
Processor board ID AMB07440EJD (2947000950), with hardware revision 0000
CPU rev number 7
1 Ethernet interface
1 ATM interface
128K bytes of NVRAM.
8192K bytes of processor board System flash (Read/Write)
2048K bytes of processor board Web flash (Read/Write)
Configuration register is 0x2102
sh flash
System flash directory:
File Length Name/status
1 5308292 soho97-k9oy1-mz.123-4.T4.bin
[5308356 bytes used, 2818108 available, 8126464 total]
8192K bytes of processor board System flash (Read/Write)
sh ru
Building configuration...
Current configuration : 3583 bytes
!
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname
!
boot-start-marker
boot-end-marker
!
logging count
logging buffered informational
logging console informational
logging monitor informational
enable
!
username
ip subnet-zero
ip name-server
ip name-server
ip dhcp excluded-address 10.0.0.254
ip dhcp excluded-address 10.0.0.10 10.255.255.254
!
ip dhcp pool CLIENT
import all
network 10.0.0.0 255.0.0.0
default-router 10.0.0.254
lease 0 2
!
!
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip ssh break-string
no aaa new-model
!
!
!
no crypto isakmp enable
!
!
!
!
interface Ethernet0
ip address 10.0.0.254 255.0.0.0 secondary
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
no ip mroute-cache
atm vc-per-vp 64
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface Dialer1
ip address negotiated
ip access-group 111 in
ip nat outside
ip inspect myfw out
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication
ppp chap hostname
ppp chap password
ppp pap sent-username
ppp ipcp dns request
ppp ipcp wins request
hold-queue 224 in
!
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 10.0.0.10 6881 interface Dialer1 6881
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
!
!
logging 10.0.0.10
access-list 23 permit 10.0.0.0 0.255.255.255
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 10.0.0.0 0.255.255.255 any
access-list 111 permit tcp any any eq 6881
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any time-exceeded
access-list 111 deny icmp any any administratively-prohibited
access-list 111 deny icmp any any echo
access-list 111 deny icmp any any packet-too-big
access-list 111 deny icmp any any unreachable
access-list 111 deny icmp any any
access-list 111 deny ip any any log
dialer-list 1 protocol ip permit
!
control-plane
!
!
line con 0
exec-timeout 120 0
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
stopbits 1
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
!
end