Cisco 837 chiude le porte dopo un tot di traffico!?

[molok]

un grosso saluto a tutti!
scrivo perche' non ho mai risolto un annoso problema e non capisco proprio che fare....
in pratica sulle porte che ho aperto dopo un po' che viene generato traffico queste si chiudono e bisogna riavviare il router...
Parlo delle porte di emule ma anche altre porte che puntano ai pc della lan
ecco la configurazione:

Codice: Seleziona tutto

service nagle
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service sequence-numbers
!
hostname bettyboop
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 5 log
logging exception 100000
logging count
logging queue-limit 10000
logging buffered 15000 debugging
logging console critical
enable secret *****************
enable password *************
!
username ********** password ***************
no aaa new-model
ip subnet-zero
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1000
!
!
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.0.250
ip dhcp excluded-address 192.168.0.2
!
ip dhcp pool CLIENT
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.250
   dns-server 62.211.69.150 212.48.4.15
   domain-name tin.it
   lease infinite
!
!
ip tcp selective-ack
ip tcp window-size 2144
ip tcp synwait-time 10
ip name-server 62.211.69.150
ip name-server 212.48.4.15
no ip bootp server
ip cef
ip inspect log drop-pkt
ip inspect audit-trail
ip inspect max-incomplete low 300
ip inspect max-incomplete high 400
ip inspect one-minute low 300
ip inspect tcp synwait-time 20
ip inspect tcp max-incomplete host 300 block-time 0
ip inspect name IDS tcp
ip inspect name IDS udp
ip ips sdf location disk2:attack-drop.sdf
ip ips po max-events 100
ip ips name IPS-IN
no ftp-server write-enable
!
!
!
!
!
!
!
interface Ethernet0
 description LAN LOCALE
 ip address 192.168.0.250 255.255.255.0
 ip nat inside
 ip inspect IDS in
 ip virtual-reassembly
 ip tcp adjust-mss 1412
 no ip mroute-cache
 no cdp enable
 hold-queue 100 out
!
interface ATM0
 description INTERFACCIA ADSL
 no ip address
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting access-violations
 ip route-cache flow
 no ip mroute-cache
 no atm ilmi-keepalive
 dsl operating-mode auto
 hold-queue 224 in
!
interface ATM0.1 point-to-point
 pvc 8/35
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet2
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet3
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet4
 no ip address
 duplex auto
 speed auto
!
interface Dialer0
 description ACCESSO AD INTERNET
 ip address negotiated
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting access-violations
 ip mtu 1492
 ip nat outside
 ip ips IPS-IN in
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username ************ password ************
!
ip local pool remote-pool 192.168.0.200 192.168.0.203
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.0.200 255.255.255.252 Dialer0
!
ip http server
no ip http secure-server
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation udp-timeout 120
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120
ip nat inside source list 101 interface Dialer0 overload
ip nat inside source static tcp 192.168.0.2 22 interface Dialer0 22
ip nat inside source static tcp 192.168.0.2 56000 interface Dialer0 56000
ip nat inside source static udp 192.168.0.2 56000 interface Dialer0 56000
ip nat inside source static tcp 192.168.0.2 6900 interface Dialer0 6900
ip nat inside source static udp 192.168.0.2 6900 interface Dialer0 6900
ip nat inside source static tcp 192.168.0.2 6901 interface Dialer0 6901
ip nat inside source static udp 192.168.0.2 6901 interface Dialer0 6901
!
!
logging history debugging
access-list 101 remark *** ACL PER PAT E NAT0 ***
access-list 101 deny   ip 192.168.0.0 0.0.0.255 192.168.0.200 0.0.0.3
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
dialer-list 1 protocol ip permit
snmp-server community public RO
snmp-server enable traps tty
no cdp run
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 login local
 no modem enable
 transport preferred all
 transport output ssh
 stopbits 1
line aux 0
 exec-timeout 0 0
 login local
 transport preferred all
 transport output ssh
line vty 0 4
 exec-timeout 35791 0
 password *********
 login local
 length 0
 transport preferred all
 transport input telnet ssh
 transport output telnet ssh
!
scheduler max-task-time 5000
scheduler interval 500
end

Ormai ci avevo rinunciato da tempo ma ora o va o lo cambio! spero mi sappiate dare una mano.
grazie in anticipo a tutti!

[molok]

aggiungo l'sh int

Codice: Seleziona tutto

ATM0 is up, line protocol is up
  Hardware is PQUICC_SAR (with Alcatel ADSL Module)
  Description: INTERFACCIA ADSL
  MTU 1500 bytes, sub MTU 1500, BW 480 Kbit, DLY 80 usec,
     reliability 255/255, txload 105/255, rxload 80/255
  Encapsulation ATM, loopback not set
  Encapsulation(s): AAL5  AAL2, PVC mode
  10 maximum active VCs, 1024 VCs per VP, 1 current VCCs
  VC Auto Creation Disabled.
  VC idle disconnect time: 300 seconds
  Last input 2d09h, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/224/0/0 (size/max/drops/flushes); Total output drops: 1316
  Queueing strategy: Per VC Queueing
  5 minute input rate 152000 bits/sec, 28 packets/sec
  5 minute output rate 199000 bits/sec, 29 packets/sec
     6104906 packets input, 514200880 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 7 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     6316602 packets output, 4090872609 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 output buffer failures, 0 output buffers swapped out
ATM0.1 is up, line protocol is up

grazie!