12-26-2019 06:06 AM
Hello
I am facing a weired problem, whereby every day my lan users complain that they are not able to open any internet website. URL throws error message " site is down" or " request times out " or "unable to reach "
After restart of router everything starts working. From past 15 days I have to restart my router minimum 6-8 times in a day.
I tried checking CPU load it is only 35%. However, I can see many broadcast and multicast on router lan interface.
Strangely if I removed router ans connect switch directly to basic ISP modem everything works fine. so I can not understand why lan broadcast is affecting cisco 3825 router but not the basic ISP modem which is so cheaper compared to cisco router. I need router for site to site VPN, after router i connected 3750G core switch and enabled broadcast and multicast storm feature but all in vein. No benefit. I ran wirehshark and tried to found the source of broadcast and multicast but for my five minutes captures only 4 top IP showed maximum 32 packets of broadcast / multicast but on router lan interface i am receving 1000 + broadcast within few minutes. I need solution for above problem
12-26-2019 06:21 AM
12-26-2019 07:36 AM
12-26-2019 07:46 AM
12-26-2019 08:50 AM
Hello,
the configs look ok as far as I can tell. You might want to remove 'ip virtual-reassembly' from the subinterfaces of the router and check if that makes a difference.
Also, post the output of:
show interfaces GigabitEthernet0/1
12-26-2019 08:55 AM
12-27-2019 04:46 AM
12-27-2019 05:16 AM
Hello,
post your current running configuration with the changes you have implemented...
12-27-2019 05:22 AM
12-27-2019 05:34 AM
Hello,
check if the problem persists if you remove the crypto map from the interface:
interface GigabitEthernet0/1
ip address XX.XX.XX.XX 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
media-type rj45
--> no crypto map XX
Otherwise, since you say the problem occurs a while after rebooting the router, try and issue the commands below when it happens again:
clear ip nat translation *
clear crypto session
clear crypto sa map XX
12-27-2019 05:48 AM
Hello
If I remove crypto from outside interface then my site to site and remote to site VPN will stop working.
As asked by some one earlier ISP modem is Huawei HG630 which is a very low cost modem and run fine if I remove Cisco router and connect my switch directly to Modem and convert bridge mode to normal internet mode.
Thanks
Manish
12-27-2019 05:54 AM
secondly, my problem get resolved temporarily if I restart my Cisco router.
Example - everyone start their system on LAN at around 9:30 am and after I work they start complaining that they are unable to browse internet pages, so after restart of router, they are able to work as normal till next few hours and again we have to repeat the router restart process. Everyday we are restarting router 6-8 times in 9 hour shift.
Hope I have clearly mentioned by problem
12-27-2019 07:20 AM
Hello,
sounds like some sort of memory leak...which IOS version are you running (show ver) ?
12-27-2019 07:26 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide