Announcement

Collapse
No announcement yet.

Cisco 877w blocking random web sites

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 877w blocking random web sites

    I have recently set up 3 cisco 877w routers to connect our offices. I did a basic configuration to get them up an running as part of the initial deployment but I am having an problem connecting to seemingly random websites.

    The hostnames resolve with nslookup from the client and I can ping them but when the page loads in the browser it just hangs and times out. I also tried pulling the page with telnet and it connected and pulled a header just fine. The ones that popped up during my troubleshooting were myspace.com, msn.com, and support.microsoft.com just to name a few.

    Aside from that everything seems to work fine so far. Any ideas would be appreciated. Below is the running config from the one I just finished installing.


    Building configuration...
    Current configuration : 3433 bytes
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname FS3-RTR
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    clock timezone EST 5
    clock summer-time EDT recurring
    !
    !
    dot11 syslog
    !
    dot11 ssid myssid
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii **********
    !
    no ip source-route
    ip cef
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.3.1 192.168.3.20
    !
    ip dhcp pool myDHCPPool
    network 192.168.3.0 255.255.255.0
    default-router 192.168.3.1
    dns-server 205.152.150.23 205.152.144.23
    lease 0 1
    !
    !
    ip auth-proxy max-nodata-conns 3
    ip admission max-nodata-conns 3
    ip domain name taylorsfirerescue.org
    ip name-server 205.152.144.23
    ip name-server 205.152.150.23
    !
    !
    !
    username ******* privilege 15 password **********
    !
    !
    archive
    log config
    hidekeys
    !
    !
    !
    bridge irb
    !
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    dsl operating-mode auto
    !
    interface ATM0.1 point-to-point
    pvc 8/35
    encapsulation aal5snap
    pppoe-client dial-pool-number 1
    !
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Dot11Radio0
    no ip address
    !
    encryption mode ciphers tkip
    !
    broadcast-key change 60
    !
    !
    ssid myssid
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    world-mode dot11d country US outdoor
    no cdp enable
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Vlan1
    no ip address
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    !
    interface Dialer0
    mtu 1492
    ip address negotiated
    ip access-group 101 in
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap pap callin
    ppp chap hostname ********@bellsouth.net
    ppp chap password ********
    ppp pap sent-username **********@bellsouth.net password ***********
    !
    interface BVI1
    ip address 192.168.3.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    ip http server
    no ip http secure-server
    ip nat pool pool1 192.168.3.0 192.168.4.0 netmask 0.0.0.255
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source static tcp 192.168.3.2 3389 interface Dialer0 3389
    !
    access-list 1 permit 192.168.3.0 0.0.0.255
    access-list 1 remark Used to overload Dialer 0 from NAT list
    access-list 101 permit tcp any host ********* established
    access-list 101 permit udp host 205.152.144.23 host **********
    access-list 101 permit udp host 205.152.150.23 host **********
    access-list 101 permit tcp any host ********* eq 22
    access-list 101 permit tcp any host ********* eq telnet
    access-list 101 permit tcp any host ********* eq 3389
    dialer-list 1 protocol ip permit
    !
    !
    !
    control-plane
    !
    bridge 1 protocol ieee
    bridge 1 route ip
    !
    line con 0
    password ********
    logging synchronous
    login
    no modem enable
    line aux 0
    line vty 0 4
    session-timeout 15
    privilege level 15
    password ******
    login local
    transport input telnet ssh
    !
    scheduler max-task-time 5000
    end
Working...
X