spotty connectivity

[gregworcester]

Hello, hope someone can help me with this. I am running a school network with about 75 users. We upgraded over the summer to a cisco 2821 router. We are having connectivity issues all over the school now. Some machines are ok, others are showing limited connectivity, in some cases a machines sitting right next to each other on the same switch. We have a computer lab where this is happening, 5 macines in a row on the same switch, 2 are ok, the other 3 have limited connectivity. All 5 are restored to factory defailts.

My cisco config is below:

Building configuration...

Current configuration : 4656 bytes
!
! Last configuration change at 10:50:32 PCTime Tue Sep 7 2010 by gregw
! NVRAM config last updated at 10:50:34 PCTime Tue Sep 7 2010 by gregw
!
version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname MadisonEl
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$oWMt$RCxFSDB9dG.foFKz/fqEu1
!
no aaa new-model
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
no ip source-route
!
!
ip cef
ip dhcp excluded-address 192.168.x.2 192.168.x.129
ip dhcp excluded-address 192.168.x.231 192.168.x.254
!
ip dhcp pool madison
import all
network 192.168.x.0 255.255.255.0
dns-server 24.92.xxx.11 24.92.xxx.12
default-router 192.168.x.x
!
!
no ip bootp server
ip domain name MES
ip name-server 24.92.xxx.11
ip name-server 24.92.xxx.12
ntp max-associations 20
multilink bundle-name authenticated
!
!
!
license udi pid CISCO2821 sn FTX1429AHAP
username gregw privilege 15 secret 5 $1$cM0d$kfBYH0QDeaczZzaG.t0qP.
!
!
ip tcp synwait-time 10
!
class-map match-any SOCIAL_NET
match protocol http host "

http://www.addictinggames.com"

match protocol http host "

http://www.addictinggame.com"

match protocol http host "

http://www.akon.com"

match protocol http host "

http://www.arcadeplz.com"

match protocol http host "

http://www.gunsandammomag.com"

match protocol http host "

http://www.handgunsmag.com"

match protocol http host "

http://www.myspace.com"

match protocol http host "

http://www.outdoorsbest.com"

match protocol http host "

http://www.shotgunnews.com"

match protocol http host "

http://www.single--sexy.com"

match protocol http host "

http://www.singlesnet.com"

match protocol http host "

http://www.youtube.com"

match protocol http host "

http://www.videocodezone.com"

match protocol http host "

http://www.fusetv.com"

match protocol http host "

http://www.sigarms.com"

match protocol http host "

http://www.rodneyanonymous.com"

match protocol http host "

http://www.penisdevelopment.com"

match protocol http host "

http://www.ifilm.com"

match protocol http host "

http://www.ammoman.com"

match protocol http host "

http://www.buzznet.com"

match protocol http host "

http://www.cheetahsnv.com"

match protocol http host "

http://www.livevideo.com"

match protocol http host "

http://www.greenshines.com"

match protocol http host "guns.com"
!
!
policy-map DROP_SOCIAL_NET
class SOCIAL_NET
drop
!
!
!
!
!
interface GigabitEthernet0/0
description Outside Interface
ip address dhcp client-id GigabitEthernet0/0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
service-policy output DROP_SOCIAL_NET
!
interface GigabitEthernet0/1
description Lan Interface$ES_LAN$
ip address 192.168.x.1 255.255.255.0
ip access-group 105 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
router rip
version 2
network 192.168.x.0
!
ip forward-protocol nd
!
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface GigabitEthernet0/0 overload
!
logging trap debugging
access-list 1 permit 192.168.x.0 0.0.0.255
access-list 101 permit tcp any any eq pop3 log-input
access-list 101 permit tcp any any eq smtp log-input
access-list 101 permit tcp any any eq

http://www log-input

access-list 101 permit tcp any any eq ftp log-input
access-list 101 permit udp any any eq tftp log-input
access-list 101 permit udp any eq domain any log-input
access-list 101 permit tcp any any established log-input
access-list 101 permit tcp 192.168.x.0 0.0.0.255 any log-input
access-list 101 permit tcp any any eq 23460
access-list 101 permit udp any any eq 2967
access-list 101 permit tcp any any eq 8080
access-list 101 permit tcp any any eq 5900
access-list 105 permit ip any any
no cdp run

!
snmp-server community Madison RO
!
control-plane
!
!
line con 0
exec-timeout 0 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
password 7 141A07181805242C767C6561
login
transport input telnet
line vty 5 15
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
no process cpu extended
no process cpu autoprofile hog
ntp source GigabitEthernet0/0
ntp master
ntp server 66.70.29.130
ntp server 198.200.182.10
ntp server 67.106.77.184
ntp server 64.247.17.253
end

Question. Could the dns server statement in the dhcp pool
cause the issue i am experiencing. If anyone sees anything wrong with the config, let me know. Please help!!
Thanks

 

[unclerico]

nothing on the switches has changed??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[VinceWhirlwind]

Check eventviewer on the affected PCs for clues.

Check switch logs for clues.

Check the IP addresses on the affected PCs - are they valid? where did they come from?