Internet Router Problem , No SSH from internet

Hello All,

               There is a severe problem i m facing these days , I have 2811 Router facing two internet service providers

This problem can occur at any time

Internet Suddenly Stuck , What happens that From internet i am not able to ping , telnet / SSH to public IPs at 2811 Router to both ISP(s)

From inside network , i  am able to telnet / SSH to my router

So to resolve this issue , i manually have to restart my router

I have disabled CEF also on interfaces and router but problem still persist

No error shows on NMS , logging

I also checked NAT entries and CPU utlization and that is OK .

Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(1a), RELEASE SOFTWARE (fc2)

Cisco 2811 (revision 53.51) with 509952K/14336K bytes of memory.

239K bytes of non-volatile configuration memory.

62720K bytes of ATA CompactFlash (Read/Write)

Please HELP



Is this a permanent or intermittent problem?

If permanent look for access-list issues and access-group on vty lines.

If it is intermittent look at routing table when the problem is there and when it is not.

Also recommend using a loopback interface to access the router so the router can be accessed whenever at least an interface is up.

Finally you mentioned NAT. If an intermittent problem is present NAT and route flapping might as well be a problem (if a NAT entry is present and routing changes, you might end up with nasty surprises).



The problem is  intermittent

I have enabled tracking on ISP(s) links so that if one ISP goes down ,  second ISP can take over

Controlling it with Static Routing  by changing AD value

I will check routing table also , but am sure no NAT and route flapping problem is there .

Waiting for other peoples to reply so that i can have broad range of responses

Thanx Fabio


Hi Fabio,

We are also facing the same problem for the Router 2821. Any help will be appreciated.




During the problem time, can u verify the below

1- From the router, are you able to ping the remote IP (source it with the router IP address used for telnet) from which you are trying to access, and see if that works.

2- Do a trace from the remote system to router and see where it drops.

3- As Fabio mentioned, you can try using loopback for management purpose.

4- Enable debug icmp, and see if we are receving "ping" packet on the router.

5- Trace from router to remote system and see where it drops.

6- And is it only the management traffic getting affected. What abt user traffic?


Hi Sundeep,

At the time No Internet trffic is passing through the router and we cant even execut ANY command like sh run or so, Router completly get hang.

The only option is hard re-boot

Please help.