1841 dual WAN problem with routing

Tee Carter
Level 1

Have an 1841 ADSLM router (our Gateway on IP: 10.0.0.254) configured for dual WAN:

  1. ADSL on ATM/0/0 (for internet and IPSEC VPN to vendor) using Dialer0
  2. ADSL through a bridged modem on FE0/1 (for dial-in PPTP VPN), using Dialer2.

It was working fine until the router was restarted (which had been done previously without problem).

Now, if I leave the modem connected to FE0/1 we seem to lose internet connectivity. I can ping IP addresses, but getting any amount of data through is difficult.

As soon as I disconnect the modem from FE0/1 (or the ADSL line to the modem) the internet works perfectly.

If I reconnect the modem, when the interface connects to the ISP, we start having problems with our internet again.

Here's a copy of the config:

version 15.0

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname cisco1841

!

boot-start-marker

boot-end-marker

!

security authentication failure rate 3 log

security passwords min-length 6

logging buffered 51200

logging console critical

enable secret 5 $1$GvA.$rwXf74Ujhbpx59dk/iKrG.

!

no aaa new-model

!

clock timezone PCTime 10

clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 2:00

dot11 syslog

no ip source-route

!

!

ip cef

no ip bootp server

no ip domain lookup

ip domain name cape.local

no ipv6 cef

!

multilink bundle-name authenticated

!

!

license udi pid CISCO1841 sn XYZ144411XY

archive

log config

  logging enable

  notify syslog contenttype plaintext

  hidekeys

username cisco privilege 15 secret 5 $1$3/bM$wqa1vZAo.eFofsbmTQy2f.

!

redundancy

!

ip tcp synwait-time 10

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

!

crypto isakmp policy 2

encr 3des

authentication pre-share

group 2

crypto isakmp key $!$38p3z10! address 203.xyz.xyz.19

!

!

crypto ipsec transform-set STRONG esp-des esp-md5-hmac

mode transport

crypto ipsec transform-set CAPE_TSET esp-3des esp-sha-hmac

!

crypto map CAPE_CRYMAP 10 ipsec-isakmp

set peer 203.xyz.xyz.19

set transform-set CAPE_TSET

match address VPN_TRAFFIC

!

crypto map CISCO 8 ipsec-isakmp

set peer 203.xyz.xyz.19

set transform-set STRONG

match address 124

!

crypto map SDM_CMAP_1 1 ipsec-isakmp

description Tunnel to203.xyz.xyz.19

set peer 203.xyz.xyz.19

set transform-set STRONG

match address 105

!

crypto map SDM_CMAP_2 1 ipsec-isakmp

description Tunnel to203.xyz.xyz.19

set peer 203.xyz.xyz.19

set transform-set STRONG

match address 106

!

!

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$ES_LAN$$FW_INSIDE$

ip address 10.0.0.254 255.255.255.0

ip flow ingress

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

no mop enabled

!

interface FastEthernet0/1

no ip address

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 2

!

interface ATM0/0/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

no atm ilmi-keepalive

!

interface ATM0/0/0.1 point-to-point

description $ES_WAN$

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

pvc 8/35

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

interface Dialer0

ip address negotiated

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap callin

ppp chap hostname cape0@myisp.com

ppp chap password 7 075B711B1F5D40

ppp ipcp route default

no cdp enable

crypto map CAPE_CRYMAP

!

interface Dialer1

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

no cdp enable

!

interface Dialer2

description LINK TO DSL MODEM

mtu 1492

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 2

dialer idle-timeout 0

dialer-group 2

ppp authentication chap pap callin

ppp chap hostname cape2@myisp.com

ppp chap password 7 1241574441525C

ppp pap sent-username cape2@myisp.com password 7 154A595F57737B

no cdp enable

!

ip forward-protocol nd

ip http server

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat pool EXTERNAL 10.245.39.0 10.245.39.254 netmask 255.255.255.0

ip nat source list 50 interface Dialer0 overload

ip nat source list 60 interface Dialer2 overload

ip nat source list 112 pool EXTERNAL overload

ip nat inside source static tcp 10.0.0.2 25 interface Dialer0 25

ip nat inside source static tcp 10.0.0.2 443 interface Dialer0 443

ip nat inside source static tcp 10.0.0.2 80 interface Dialer0 80

ip nat inside source static tcp 10.0.0.2 1723 interface Dialer2 1723

ip nat inside source static tcp 10.0.0.2 110 interface Dialer0 110

ip nat inside source static tcp 10.0.0.2 143 interface Dialer0 143

ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload

ip nat inside source route-map VPN_RMAP pool EXTERNAL overload

ip nat inside source static tcp 10.0.0.50 449 10.245.39.250 449 extendable

ip nat inside source static udp 10.0.0.50 449 10.245.39.250 449 extendable

ip nat inside source static tcp 10.0.0.50 515 10.245.39.250 515 extendable

ip nat inside source static udp 10.0.0.50 515 10.245.39.250 515 extendable

ip nat inside source static tcp 10.0.0.50 8470 10.245.39.250 8470 extendable

ip nat inside source static udp 10.0.0.50 8470 10.245.39.250 8470 extendable

ip nat inside source static tcp 10.0.0.50 8471 10.245.39.250 8471 extendable

ip nat inside source static udp 10.0.0.50 8471 10.245.39.250 8471 extendable

ip nat inside source static tcp 10.0.0.50 8472 10.245.39.250 8472 extendable

ip nat inside source static udp 10.0.0.50 8472 10.245.39.250 8472 extendable

ip nat inside source static tcp 10.0.0.50 8473 10.245.39.250 8473 extendable

ip nat inside source static udp 10.0.0.50 8473 10.245.39.250 8473 extendable

ip nat inside source static tcp 10.0.0.50 8474 10.245.39.250 8474 extendable

ip nat inside source static udp 10.0.0.50 8474 10.245.39.250 8474 extendable

ip nat inside source static tcp 10.0.0.50 8475 10.245.39.250 8475 extendable

ip nat inside source static udp 10.0.0.50 8475 10.245.39.250 8475 extendable

ip nat inside source static tcp 10.0.0.50 8476 10.245.39.250 8476 extendable

ip nat inside source static udp 10.0.0.50 8476 10.245.39.250 8476 extendable

ip nat inside source static tcp 10.0.0.50 9100 10.245.39.250 9100 extendable

ip nat inside source static udp 10.0.0.50 9100 10.245.39.250 9100 extendable

ip nat inside source static 10.0.0.50 10.245.39.250

ip nat inside source static tcp 10.0.0.51 449 10.245.39.251 449 extendable

ip nat inside source static udp 10.0.0.51 449 10.245.39.251 449 extendable

ip nat inside source static tcp 10.0.0.51 515 10.245.39.251 515 extendable

ip nat inside source static udp 10.0.0.51 515 10.245.39.251 515 extendable

ip nat inside source static tcp 10.0.0.51 8470 10.245.39.251 8470 extendable

ip nat inside source static udp 10.0.0.51 8470 10.245.39.251 8470 extendable

ip nat inside source static tcp 10.0.0.51 8471 10.245.39.251 8471 extendable

ip nat inside source static udp 10.0.0.51 8471 10.245.39.251 8471 extendable

ip nat inside source static tcp 10.0.0.51 8472 10.245.39.251 8472 extendable

ip nat inside source static udp 10.0.0.51 8472 10.245.39.251 8472 extendable

ip nat inside source static tcp 10.0.0.51 8473 10.245.39.251 8473 extendable

ip nat inside source static udp 10.0.0.51 8473 10.245.39.251 8473 extendable

ip nat inside source static tcp 10.0.0.51 8474 10.245.39.251 8474 extendable

ip nat inside source static udp 10.0.0.51 8474 10.245.39.251 8474 extendable

ip nat inside source static tcp 10.0.0.51 8475 10.245.39.251 8475 extendable

ip nat inside source static udp 10.0.0.51 8475 10.245.39.251 8475 extendable

ip nat inside source static tcp 10.0.0.51 8476 10.245.39.251 8476 extendable

ip nat inside source static udp 10.0.0.51 8476 10.245.39.251 8476 extendable

ip nat inside source static tcp 10.0.0.51 9100 10.245.39.251 9100 extendable

ip nat inside source static udp 10.0.0.51 9100 10.245.39.251 9100 extendable

ip nat inside source static 10.0.0.51 10.245.39.251 extendable

ip route 0.0.0.0 0.0.0.0 Dialer0

ip route 0.0.0.0 0.0.0.0 Dialer2 10

ip route 10.1.1.0 255.255.255.0 FastEthernet0/1

!

ip access-list extended VPN_TRAFFIC

permit ip 10.245.39.0 0.0.0.255 host 203.abc.abc.156

deny   ip any any

!

logging trap debugging

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 10.0.0.0 0.0.0.255

access-list 1 permit 10.1.1.0 0.0.0.255

access-list 50 permit 10.0.0.0 0.255.255.255

access-list 60 permit 10.0.0.0 0.0.0.255

access-list 100 remark CCP_ACL Category=4

access-list 100 remark IPSec Rule

access-list 100 permit ip 10.0.0.0 0.0.0.255 host 203.abc.abc.156

access-list 101 remark CCP_ACL Category=2

access-list 101 remark IPSec Rule

access-list 101 deny   ip 10.0.0.0 0.0.0.255 host 203.abc.abc.156

access-list 101 permit ip 10.1.1.0 0.0.0.255 any

access-list 101 permit ip 10.0.0.0 0.0.0.255 any

access-list 102 remark CCP_ACL Category=4

access-list 102 remark IPSec Rule

access-list 102 permit ip 10.0.0.0 0.0.0.255 host 203.abc.abc.156

access-list 103 remark CCP_ACL Category=4

access-list 103 remark IPSec Rule

access-list 103 permit ip 10.0.0.0 0.0.0.255 host 203.abc.abc.156

access-list 104 remark CCP_ACL Category=4

access-list 104 remark IPSec Rule

access-list 104 permit ip 10.0.0.0 0.0.0.255 host 203.xyz.xyz.19

access-list 104 permit ip 10.0.0.0 0.0.0.255 any

access-list 105 remark CCP_ACL Category=4

access-list 105 remark IPSec Rule

access-list 105 permit ip 10.0.0.0 0.0.0.255 host 203.abc.abc.156

access-list 106 permit ip 10.0.0.0 0.255.255.255 203.102.137.0 0.0.0.255

access-list 106 permit ip 10.245.37.0 0.0.0.255 host 203.abc.abc.156

access-list 106 permit ip 10.0.0.0 0.0.0.255 10.245.39.0 0.0.0.255 log

access-list 112 permit ip 10.0.0.0 0.0.0.255 host 203.abc.abc.156

access-list 124 permit ip 10.245.37.0 0.0.0.255 host 203.abc.abc.156

access-list 150 permit tcp any any eq 3389

access-list 150 permit tcp any eq 3389 any

access-list 177 permit tcp any any eq 1723

access-list 177 permit tcp any eq 1723 any

access-list 177 permit gre any host 10.0.0.2

access-list 177 permit gre host 10.0.0.2 any

access-list 180 permit ip 10.245.39.0 0.0.0.255 host 203.abc.abc.156

access-list 198 permit tcp host 10.0.0.2 eq 1723 any log

dialer-list 1 protocol ip permit

no cdp run

!

route-map VPN_RMAP permit 10

match ip address 105

!

route-map PPTP_RMAP permit 10

match ip address 177

set interface Dialer2

!

route-map SDM_RMAP_1 permit 1

match ip address 101

!

route-map map permit 100

match ip address 150

set ip next-hop 10.1.1.2

!

!

control-plane

!

alias exec traffic sh ip nbar protocol-discovery stats bit-rate top-n 10

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login local

transport output telnet

line aux 0

login local

transport output telnet

line vty 0 4

privilege level 15

login local

transport input telnet

line vty 5 15

privilege level 15

login local

transport input telnet

!

scheduler allocate 4000 1000

event manager environment _email_server 10.0.0.2

event manager environment _email_from notification@mydomain.com.au

event manager environment _email_to itsupport@mydomain.com.au

event manager applet EEM_INTDOWN

event syslog pattern "LINEPROTO-5-UPDOWN.*FastEthernet.*"

action 1 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "Interface down on WAN router" body "$_syslog_msg"

event manager applet test

event none

action 1 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "testing" body "testing"

event manager applet mail_cfg_chg

event syslog pattern ".*%SYS-5-CONFIG_I.*"

action 1.0 info type routername

action 1.1 cli command "enable"

action 1.2 cli command "show running-config"

action 1.4 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "Config changed on router: $_info_routername" body "Config has changed. Here is the updated copy: $_cli_result"

!

end

I really don't have a clue what is going on!

Any help appreciated.

1 Reply

paolo bevilacqua
Hall of Fame

You need to have "ip tcp mss-adjust 1452" on the internal interfaces.

Then update IOS and check again.

Also your configuration would benefit from some simplification.
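
A check for the condition the reply points at, as an added example that is not part of the thread: it parses IOS-style interface blocks, takes the smallest configured interface MTU (1492 on Dialer2 in the posted config), subtracts 40 bytes of IPv4 and TCP headers, and lists NAT-inside interfaces that do not clamp TCP MSS to that value or lower. It assumes indented `show running-config` output and the IOS interface command `ip tcp adjust-mss`; the sample text is a constructed excerpt and the function names are hypothetical.

```python
import re

# Constructed excerpt modelled on the posted config (indentation restored).
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 10.0.0.254 255.255.255.0
 ip nat inside
!
interface Dialer0
 ip nat outside
 dialer pool 1
!
interface Dialer2
 mtu 1492
 ip nat outside
 dialer pool 2
!
"""

TCP_IP_HEADERS = 40  # 20-byte IPv4 header + 20-byte TCP header, no options


def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from indented IOS-style text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"^interface\s+(\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith("!") or (line and not line[0].isspace()):
            current = None  # separator or global command ends the block
        elif current is not None and line.strip():
            current.append(line.strip())
    return interfaces


def mss_findings(config):
    """List (inside interface, configured MSS or None, expected MSS)."""
    interfaces = parse_interfaces(config)
    mtus = [int(c.split()[1]) for cmds in interfaces.values()
            for c in cmds if re.fullmatch(r"mtu \d+", c)]
    # Smallest explicit MTU on any interface; 1500 if none is configured.
    expected = min(mtus, default=1500) - TCP_IP_HEADERS
    findings = []
    for name, cmds in interfaces.items():
        mss = [int(c.split()[-1]) for c in cmds
               if c.startswith("ip tcp adjust-mss ")]
        configured = mss[0] if mss else None
        if "ip nat inside" in cmds and (configured is None or configured > expected):
            findings.append((name, configured, expected))
    return findings
```
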