I've got a Cisco 1720 talking to a Nokia IP120 for firewalling. The two are connected through a crossover cable. When I first hooked the two up, everything appeared to run just fine until about three hours later. At that point, the router quit responding to the internal network. I could still telnet into the router from the outside, though, and the router could still ping anything on the internet it wants to. The only way to get the Ethernet port talking again is to either reset the router, or issue a "shutdown" and then a "no shutdown" to the FastEthernet0 interface.
Futher tests showed me that removing the firewall from the equation eliminated the problem. Placing the firewall and router on a hub doesn't stop the problem, so that eliminated the crossover cable as the source problem. Right now, the problem seems to sit squarely at the point where the router and firewall communicate.
I'll admit to being a total newbie when it comes to router configuration. Programming has been my trade. I'm in this bind because I'm the only person at our company with any real IT experience. I'm hoping that one of you guru-types out there has had this experience, or can at least give me some ideas on how to further trace down the root of the problem.
I don't think there's anything screwy with the Cisco box. It has two interface cards in it. Slot 0 is occupied by a WIC-1T that talks to an Adtran channel bank through a v.35 interface. Slot 1 has a CSU/DSU card that was used on an old point-to-point T-1 with a former parent company. It presently sits disconnected and in shutdown state.
A copy of the router config follows. Thanks in advance.
[tt]
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname gw-decatur
!
enable secret 5 [snip]
enable password 7 [snip]
!
!
!
!
!
memory-size iomem 25
ip subnet-zero
ip name-server 66.255.85.8
ip name-server 66.255.85.9
!
!
!
!
interface Serial0
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type ansi
!
interface Serial0.1 point-to-point
description Internet T-1
bandwidth 1024
ip address 66.255.182.214 255.255.255.252
frame-relay interface-dlci 163 IETF
!
interface Serial1
no ip address
shutdown
!
interface FastEthernet0
ip address 66.255.182.62 255.255.255.248
speed auto
full-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 66.255.182.213
no ip http server
!
!
line con 0
line aux 0
line vty 0 4
password 7 [snip]
login
!
no scheduler allocate
end
[/tt]
Futher tests showed me that removing the firewall from the equation eliminated the problem. Placing the firewall and router on a hub doesn't stop the problem, so that eliminated the crossover cable as the source problem. Right now, the problem seems to sit squarely at the point where the router and firewall communicate.
I'll admit to being a total newbie when it comes to router configuration. Programming has been my trade. I'm in this bind because I'm the only person at our company with any real IT experience. I'm hoping that one of you guru-types out there has had this experience, or can at least give me some ideas on how to further trace down the root of the problem.
I don't think there's anything screwy with the Cisco box. It has two interface cards in it. Slot 0 is occupied by a WIC-1T that talks to an Adtran channel bank through a v.35 interface. Slot 1 has a CSU/DSU card that was used on an old point-to-point T-1 with a former parent company. It presently sits disconnected and in shutdown state.
A copy of the router config follows. Thanks in advance.
[tt]
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname gw-decatur
!
enable secret 5 [snip]
enable password 7 [snip]
!
!
!
!
!
memory-size iomem 25
ip subnet-zero
ip name-server 66.255.85.8
ip name-server 66.255.85.9
!
!
!
!
interface Serial0
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type ansi
!
interface Serial0.1 point-to-point
description Internet T-1
bandwidth 1024
ip address 66.255.182.214 255.255.255.252
frame-relay interface-dlci 163 IETF
!
interface Serial1
no ip address
shutdown
!
interface FastEthernet0
ip address 66.255.182.62 255.255.255.248
speed auto
full-duplex
!
ip classless
ip route 0.0.0.0 0.0.0.0 66.255.182.213
no ip http server
!
!
line con 0
line aux 0
line vty 0 4
password 7 [snip]
login
!
no scheduler allocate
end
[/tt]
