Cisco 1841 router and XP internet access

[jamestav]

I am still experiencing a rather strange situation that I cannot seem to resolve.

I have four machines and one cell phone that connect via the router to the internet. 1 x Vista, 1 x Windows 2000, 2 x Windows XP and 1 x Windows Mobile 6 Professional.

Two of the machines, the Vista and Windows 2000 machines are fine with full internet connectivity and no problems.

The other three, 2 x XP and 1 x Mobile are giving me problems. These are the symptoms;
• When I try to browse any

http://www page,

it starts downloading the page and then stops and carries on trying indefinitely without timing out,
• I am able to ping, tracert, ftp and telnet to sites but cannot open the page in IE or Firefox,
• I am able to sync my mail on my mobile but it will not open and webpages either,
• The AVG anti virus updates start and then hangs and finally time out.

If I then connect the wireless modem to the WAN port on the hub and not the router and then manually change the ip and gateway of the machines, it works perfectly.

I am using an DHCP pool on the router and it issues leases to all the machines.

Does XP use a different port or config when connecting to the internet?

Is there a "feedback" rule I need to create for the XP machines on the router?

I have no idea what else to do and I am not well versed with Cisco!!

 

[North323]

post a config of your router

 

[jamestav]

Daleburne#show config
Using 5629 out of 196600 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Daleburne
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$upIr$00G0gSfirVKzVXsfdImU60
enable password 7 111918160405041E0078
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime 2
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.21 192.168.0.254
!
ip dhcp pool Daleburne
import all
network 192.168.0.0 255.255.255.0
dns-server 196.30.31.193 196.46.70.1
default-router 192.168.0.25
!
!
no ip bootp server
ip name-server 196.30.31.193
ip name-server 196.41.70.1
!
username Admin privilege 15 password 7 15130F010D2422373C2134361C15
!
!
class-map match-any SDMVoice-Dialer0
match protocol rtp audio
class-map match-any SDMTrans-Dialer0
match protocol citrix
match protocol finger
match protocol notes
match protocol novadigm
match protocol pcanywhere
match protocol secure-telnet
match protocol sqlnet
match protocol sqlserver
match protocol ssh
match protocol telnet
match protocol xwindows
class-map match-any SDMScave-Dialer0
match protocol napster
match protocol fasttrack
match protocol gnutella
class-map match-any SDMBulk-Dialer0
match protocol exchange
match protocol ftp
match protocol irc
match protocol nntp
match protocol pop3
match protocol printer
match protocol secure-ftp
match protocol secure-irc
match protocol secure-nntp
match protocol secure-pop3
match protocol smtp
match protocol tftp
class-map match-any SDMRout-Dialer0
match protocol bgp
match protocol egp
match protocol eigrp
match protocol ospf
match protocol rip
match protocol rsvp
class-map match-any SDMSignal-Dialer0
match protocol h323
match protocol rtcp
class-map match-any SDMManage-Dialer0
match protocol dhcp
match protocol dns
match protocol imap
match protocol kerberos
match protocol ldap
match protocol secure-imap
match protocol secure-ldap
match protocol snmp
match protocol socks
match protocol syslog
class-map match-any SDMIVideo-Dialer0
match protocol rtp video
class-map match-any SDMSVideo-Dialer0
match protocol cuseeme
match protocol netshow
match protocol rtsp
match protocol streamwork
match protocol vdolive
!
!
policy-map SDM-Pol-Dialer0
class SDMManage-Dialer0
bandwidth remaining percent 3
set dscp cs2
class SDMSignal-Dialer0
bandwidth remaining percent 40
set dscp cs3
compress header ip tcp
class SDMRout-Dialer0
bandwidth remaining percent 3
set dscp cs6
class SDMTrans-Dialer0
bandwidth remaining percent 33
set dscp af21
class SDMVoice-Dialer0
priority percent 70
set dscp ef
compress header ip
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0/0
description LAN connection$FW_INSIDE$$ETH-LAN$
ip address 192.168.0.25 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1392
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip route-cache flow
ip tcp adjust-mss 1392
load-interval 30
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description Internet connection$ETH-WAN$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1392
ip route-cache flow
load-interval 30
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no mop enabled
!
interface Serial0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
clockrate 2000000
!
interface Dialer0
description $FW_OUTSIDE$
mtu 1392
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
encapsulation ppp
ip route-cache flow
load-interval 30
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname jamestav@iburst.co.za
ppp chap password 7 09554B05150A0043
ppp pap sent-username <DELETED> password 7 <DELETED>
service-policy output SDM-Pol-Dialer0
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 2
ip http authentication local
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
logging 192.168.0.25
logging <DELETED>
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 2 deny any
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!
^C
!
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line vty 0 4
access-class 1 in
password 7 <DELETED>
authorization exec local_author
login authentication local_authen
transport input telnet
!
scheduler allocate 4000 1000
end

 

[North323]

have you tried disabling the AVG then try the web?

ip tcp synwait-time 10
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.21 192.168.0.254

remove ip tcp synwait-time 10 the default is 30 but that could be an issue

maybe change your pool to: network 192.168.0.0 255.255.255.240 (.1-.14) then you can remove ip dhcp excluded-address 192.168.0.21 192.168.0.254

 

[jamestav]

No luck I have tried it with the antivirus off.

I set to ip tcp synwait-time to 30

I do not understand your recommendation w.r.t. the dchp pool

 

[North323]

you have a dhcp pool for the entire network but then you say ip dhcp excluded-address 192.168.0.21 192.168.0.254 which means dont give out IP addresses within this range. rather than say that, just limit your IP range 192.168.0.1 - .14

on the machine that does not work, can you post a ipconfig/all
and a netstat -r