Strange Router behaviour

Hi all. I have installed a new Cisco 871, as we have changed ISPs and have gone from ADSL to fibre; the original router was an ADSL Cisco 877 and the new router is a Cisco 871. Since installing the new router a couple of days ago I have had some strange problems. For example, I was able to VPN into my network but could not access webmail. Internet going out was affected, and if I logged into the router and tried to do a show log it would just hang; in other words it just wouldn't display the log. Also, I have IPsec set up between my home network and the office network. I was able to ping hosts and I was able to telnet to the office switches etc., but performance was pretty slow and I could not remote desktop to any hosts. I am unsure if it's any sort of DoS, an actual hardware fault, or something else altogether. A reload has always fixed it, till it happens again anyway. This has happened 3 times in the last 1 1/2 days. I do have a Cisco 2801 I am going to put in its place to help eliminate the router as the problem, but I was hoping someone might be able to offer some suggestions as to whether these problems seem either hardware or software related. Attached is the show ver and a copy of the config (note that any static IPs pertaining to the network have been x'd out). Lastly, the router connects to a Cisco PIX 515E v6.3. I suppose it could be firewall related, but then why would a reload of the router fix the issues?

Cheers Scott

show ver
Cisco IOS Software, C870 Software (C870-ADVSECURITYK9-M), Version 12.4(4)T8, RELEASE SOFTWARE (fc3)
Technical Support: formatting link
(c) 1986-2007 by Cisco Systems, Inc.
Compiled Sat 11-Aug-07 03:34 by khuie

ROM: System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARE

Internet_Router uptime is 12 minutes
System returned to ROM by reload at 23:37:09 WST Sat Jun 14 2008
System restarted at 23:37:51 WST Sat Jun 14 2008
System image file is "flash:c870-advsecurityk9-mz.124-4.T8.bin"
Last reload reason: Reload Command

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

formatting link

If you require further assistance please contact us by sending email to snipped-for-privacy@cisco.com.

Cisco 871 (MPC8272) processor (revision 0x200) with 118784K/12288K bytes of memory.
Processor board ID FHK1144270N
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10

5 FastEthernet interfaces
128K bytes of non-volatile configuration memory.
24576K bytes of processor board System flash (Intel Strataflash)

Configuration register is 0x2102

show run
Building configuration...

Current configuration : 4742 bytes
!
! No configuration change since last restart
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service dhcp
!
hostname Internet_Router
!
boot-start-marker
boot-end-marker
!
logging buffered 10000 debugging
enable password 7 
!
no aaa new-model
!
resource policy
!
clock timezone WST 8
clock summer-time WST recurring last Sun Oct 2:00 last Sun Mar 2:00
ip subnet-zero
no ip source-route
ip cef
!
!
no ip bootp server
ip domain name somedomain.com.au
ip name-server 203.161.127.1
vpdn enable
!
!
!
!
username password
!
!
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 ip address x.x.x.x 255.255.255.252
 ip access-group 101 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip policy route-map clear-df
 speed 10
 half-duplex
!
interface Vlan1
 ip address x.x.x.x 255.255.255.248
 ip access-group 102 in
 ip tcp adjust-mss 1452
 ip policy route-map clear-df
 hold-queue 100 out
!
ip classless
ip route 0.0.0.0 0.0.0.0
!
no ip http server
no ip http secure-server
!
access-list 1 remark The local LAN.
access-list 1 permit x.x.x.0 0.0.0.255
access-list 2 permit x.x.x.x
access-list 2 remark vty access list
access-list 2 permit x.x.x.x 0.0.0.7
access-list 2 permit x.x.x.x 0.0.0.7
access-list 5 permit any
access-list 101 remark Traffic allowed to router from Internet
access-list 101 deny icmp any any log
access-list 101 permit tcp any any established
access-list 101 deny ip x.x.x.x 0.0.0.7 any
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 169.254.0.0 0.0.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 224.0.0.0 0.15.255.255 any
access-list 101 deny ip any host 255.255.255.255
access-list 101 permit ip any host x.x.x.x
access-list 101 permit ip any host x.x.x.x
access-list 101 permit ip any host x.x.x.x
access-list 101 permit ip any host x.x.x.x
access-list 101 permit ip any host x.x.x.x
access-list 101 permit ip any host x.x.x.x
access-list 101 permit udp any any eq ntp
access-list 101 permit udp any any eq domain
access-list 101 permit gre any host x.x.x.x
access-list 101 permit udp host 203.161.127.1 host x.x.x.x
access-list 101 permit udp host 203.153.224.42 host x.x.x.x
access-list 101 deny ip any any log
access-list 102 remark Traffic allowed to router from Ethernet
access-list 102 permit icmp any any
access-list 102 permit tcp any any established
access-list 102 deny ip any 0.0.0.0 0.255.255.255 log
access-list 102 deny ip any 10.0.0.0 0.255.255.255 log
access-list 102 deny ip any 127.0.0.0 0.255.255.255 log
access-list 102 deny ip any 169.254.0.0 0.0.255.255 log
access-list 102 deny ip any 172.16.0.0 0.15.255.255 log
access-list 102 deny ip any 192.0.2.0 0.0.0.255 log
access-list 102 deny ip any 192.168.0.0 0.0.255.255 log
access-list 102 deny ip any 198.18.0.0 0.1.255.255 log
access-list 102 permit ip host x.x.x.x any
access-list 102 permit ip host x.x.x.x any
access-list 102 permit ip host x.x.x.x any
access-list 102 permit ip host x.x.x.x any
access-list 102 permit ip host x.x.x.x any
access-list 102 permit ip host x.x.x.x any
access-list 102 deny ip any host 116.212.213.255
access-list 102 deny udp any any eq tftp log
access-list 102 deny udp any any eq 135 log
access-list 102 deny tcp any any eq 135 log
access-list 102 deny udp any any eq netbios-ns log
access-list 102 deny udp any any eq netbios-dgm log
access-list 102 deny tcp any any eq 445 log
access-list 102 deny ip any host 255.255.255.255
access-list 102 deny ip any any log
snmp-server community public RW
snmp-server community private RO
snmp-server location AFF Balcatta
snmp-server contact AFF IT Dept
snmp-server system-shutdown
snmp-server enable traps tty
no cdp run
route-map clear-df permit 10
 match ip address 5
 set ip df 0
!
!
control-plane
!
!
line con 0
 exec-timeout 60 0
 no modem enable
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 access-class 2 in
 exec-timeout 120 0
 login local
 length 0
!
scheduler max-task-time 5000
sntp server 128.250.36.2
end

Scooty
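The posted config is worth reading for its management plane as well as for the fault being chased: it has `snmp-server community public RW` (a default community with write access), `service password-encryption` (type 7, which is reversible, not hashed) with `enable password` rather than `enable secret`, and vty lines that accept telnet from the addresses in access-list 2. The script below is an added example, not Scott's code or anything from the thread; it runs an offline audit of an IOS running-config for exactly those weak settings and reverses type 7 strings so the reader can see why they count as clear text. The config excerpt inside it is constructed to resemble the posted one, and the type 7 value `0822455D0A16` is a made-up sample (it encodes the string "cisco"), since the posted config has its real one redacted.

```python
import re

# Cisco's fixed type-7 key; the scheme is reversible by design, so
# "service password-encryption" only protects against shoulder-surfing.
TYPE7_KEY = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv"
DEFAULT_COMMUNITIES = {"public", "private"}

# Constructed excerpt modelled on the posted config (not the real one). The
# type-7 string is a made-up sample that encodes "cisco"; the posted config
# had the real value redacted.
SAMPLE_CONFIG = """\
hostname Internet_Router
service password-encryption
enable password 7 0822455D0A16
username admin privilege 15 password 7 0822455D0A16
no ip http server
snmp-server community public RW
snmp-server community private RO
line vty 0 4
 access-class 2 in
 exec-timeout 120 0
 login local
end
"""


def decode_type7(token):
    """Reverse a type-7 string: the first two decimal digits are an offset
    into TYPE7_KEY, the rest is hex, one byte per password character,
    each XORed with the next key byte."""
    if len(token) < 4 or len(token) % 2 or not re.fullmatch(r"[0-9A-Fa-f]+", token):
        raise ValueError("not a type 7 string")
    seed = int(token[:2])
    plain = []
    for i, pos in enumerate(range(2, len(token), 2)):
        key_byte = TYPE7_KEY[(seed + i) % len(TYPE7_KEY)]
        plain.append(chr(int(token[pos:pos + 2], 16) ^ key_byte))
    return "".join(plain)


def _reveal(kind, token):
    if kind == "7":
        return "type 7 string reverses to '%s'" % decode_type7(token)
    return "stored in clear text"


def _vty_findings(vty):
    out = []
    if not vty["ssh_only"]:
        out.append(("HIGH", vty["start"], "vty accepts telnet (no 'transport input ssh'): logins cross the wire in clear"))
    if not vty["acl"]:
        out.append(("MEDIUM", vty["start"], "vty has no access-class restricting source addresses"))
    return out


def audit_config(text):
    """Return a list of (severity, line_no, message) for weak management settings."""
    findings = []
    vty = None  # state for the 'line vty' block currently being read
    for num, raw in enumerate(text.splitlines(), 1):
        cmd = raw.strip()
        if vty is not None and raw.startswith(" "):  # indented sub-command
            parts = cmd.split()
            if parts[:2] == ["transport", "input"] and parts[2:] == ["ssh"]:
                vty["ssh_only"] = True
            if parts[:1] == ["access-class"]:
                vty["acl"] = True
            continue
        if vty is not None:  # first unindented line closes the block
            findings.extend(_vty_findings(vty))
            vty = None
        if cmd.startswith("line vty"):
            vty = {"start": num, "ssh_only": False, "acl": False}
            continue
        m = re.fullmatch(r"enable password(?: (\d))? (\S+)", cmd)
        if m:
            findings.append(("HIGH", num, "enable password instead of enable secret; " + _reveal(m.group(1), m.group(2))))
            continue
        m = re.fullmatch(r"username (\S+)(?: .*?)? password(?: (\d))? (\S+)", cmd)
        if m:
            findings.append(("HIGH", num, "user '%s': %s" % (m.group(1), _reveal(m.group(2), m.group(3)))))
            continue
        m = re.match(r"snmp-server community (\S+) (RO|RW)\b", cmd)
        if m:
            community, mode = m.groups()
            if mode == "RW":
                findings.append(("CRITICAL", num, "SNMP community '%s' is read-write: anyone who can reach UDP/161 with it can rewrite the config" % community))
            if community.lower() in DEFAULT_COMMUNITIES:
                findings.append(("HIGH", num, "SNMP community '%s' is a default/guessable name" % community))
            continue
        if cmd == "ip http server":
            findings.append(("MEDIUM", num, "HTTP management server enabled"))
    if vty is not None:
        findings.extend(_vty_findings(vty))
    return findings


if __name__ == "__main__":
    for sev, line, msg in audit_config(SAMPLE_CONFIG):
        print("%-8s line %3d  %s" % (sev, line, msg))
```

Run it against a saved `show run` instead of `SAMPLE_CONFIG` to get the same findings for a real box. Note that access-list 101 on the posted config does not list UDP/161 from the internet, so the RW community is only reachable from the inside and from whatever can spoof past the anti-bogon filters; it is still the first thing to change, together with replacing `enable password` by `enable secret`.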
12.4(4)T8 is almost a year old, so you might want to try a new IOS version to see if that makes any difference.

Also, are you sure that the Ethernet connection is 10-half or is it 10-full?

Did the new ISP provide any info re duplex mode ?

Merv
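Merv's duplex question is the one to answer from counters rather than from the config, because a forced 10/half port facing a peer that ended up at full duplex produces exactly the slow-but-working symptoms described: the half-duplex side logs late collisions, the full-duplex side logs CRC errors and runts. The script below is an added example (not from the thread) that parses `show interfaces` output and applies that heuristic; the interface output it contains is constructed to illustrate the half-duplex side of a mismatch and is not Scott's `sh int fa4`. The 0.1% error ratio it uses as a threshold is an assumption, chosen only to separate a handful of stray errors from a sustained pattern.

```python
import re

# Constructed 'show interfaces' excerpt (not from the post), showing the
# counter pattern of the half-duplex side of a duplex mismatch.
SAMPLE_SHOW_INT = """\
FastEthernet4 is up, line protocol is up
  Hardware is Fast Ethernet, address is 0019.0000.0000 (bia 0019.0000.0000)
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
  Half-duplex, 10Mb/s, 100BaseTX/FX
     91203 packets input, 68115020 bytes
     Received 0 broadcasts, 3 runts, 0 giants, 0 throttles
     3 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     77891 packets output, 10339512 bytes, 0 underruns
     0 output errors, 4120 collisions, 2 interface resets
     0 babbles, 617 late collision, 0 deferred
"""

COUNTERS = {
    "packets_input": r"(\d+) packets input",
    "runts": r"(\d+) runts",
    "crc": r"(\d+) CRC",
    "packets_output": r"(\d+) packets output",
    "collisions": r"(\d+) collisions",
    "late_collisions": r"(\d+) late collision",
}


def parse_show_interface(text):
    """Pull duplex, speed and the mismatch-relevant counters out of
    'show interfaces' output."""
    m = re.search(r"^\s*(Full|Half)-duplex, ([^,]+)", text, re.M)
    if not m:
        raise ValueError("no duplex line found")
    info = {"duplex": m.group(1).lower(), "speed": m.group(2)}
    for name, pattern in COUNTERS.items():
        m = re.search(pattern, text)
        info[name] = int(m.group(1)) if m else 0
    return info


def duplex_verdict(info, ratio=0.001):
    """Late collisions never occur on a correctly negotiated link; on the
    half-duplex side of a mismatch they grow with output traffic. The
    full-duplex side instead sees CRC errors and runts on input.
    'ratio' (assumed 0.1%) separates a sustained pattern from stray errors."""
    out_pkts = max(info["packets_output"], 1)
    in_pkts = max(info["packets_input"], 1)
    if info["duplex"] == "half" and info["late_collisions"] / out_pkts > ratio:
        return "half-duplex side of a probable duplex mismatch (peer likely full-duplex)"
    if info["duplex"] == "full" and (info["crc"] + info["runts"]) / in_pkts > ratio:
        return "full-duplex side of a probable duplex mismatch (peer likely half-duplex)"
    return "no duplex-mismatch signature in these counters"


if __name__ == "__main__":
    info = parse_show_interface(SAMPLE_SHOW_INT)
    print(info["duplex"], info["speed"], duplex_verdict(info))
```

Clear the counters first (`clear counters FastEthernet4`), let traffic run for a while, then paste the fresh `show interfaces FastEthernet4` into `parse_show_interface`; a verdict from counters that have accumulated since the last reload says little about the current setting.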

I was trying to work out your topology. I think what you are saying is that you have:

remote PIX-------871 router-----Internet-------Head Office-----LAN

You say you cannot access Webmail. Is this via the VPN on your remote PIX? If so, what do your crypto ACLs say? Have you a split tunnel policy in your VPN setup that maybe excludes access to the Webmail box? What is the topology at the Head Office end? How does the Webmail route back to your home network? Could you access any other servers / devices other than your switches?

When you say you were logging into your router and the show log just hung the device, where were you logging in from: your Head Office, your local LAN, etc.?

Slow VPN performance can be as a result of fragmentation issues amongst other things but I note that you override the DF bit for packets on your router. However, as I am not sure how your topology hangs together it is hard to determine what effect this is having and why you added the command.

It may be an idea to do a quick topology map and add a little more detail.

Regards

Darren

Darren Green

Thanks Darren. Basically it is: Office LAN -- PIX (internal) -- Cisco 871 VLAN1 /28 -- Cisco 871 FastEthernet4 /30 -- Internet. From my home laptop I can telnet to the router over the internet to the public IP set on the inside IP of the ethernet i/f (VLAN1) of the router. Webmail is straight over the internet, no VPN or anything like that, using https. As only some services are affected it does seem strange that the PIX may be the issue, as I had no problems whatsoever over the old connection. I have simply changed the outside IP on the PIX and reconfigured the outside addresses. The ethernet i/f connection to the ISP equipment has been hard set at 10Mb/s half duplex; this is correct, it was set to auto and this is what was being reported on the i/f using a sh int fa4 before I hard set it. I remember the ISP saying to hard set it if there were problems. The other router (877) is using the exact same IOS as the 871, so I would be surprised if the version of IOS was an issue. A year old in Cisco terms is not that old! When I say hung on the sh log, I would type the command and nothing would happen, it would just sit there; I would disconnect and reconnect to the router no worries at all, so it didn't lock the router up per se. Also, if it is PIX related why would a reboot of the router fix the problem? Cheers, Scott

Scooty
