Ip http timeout-policy idle 60 life 86400 requests 10000 Tunnel protection ipsec profile VPN-Profile-1ĭescription Internal switch interface connecting to the embedded AP Service-policy type inspect WAN-LAN-POLICYĬrypto ipsec transform-set encrypt-method-1 esp-3des esp-sha-hmac Zone-pair security WAN-LAN source WAN destination LAN Service-policy type inspect LAN-WAN-POLICY
Zone-pair security LAN-WAN source LAN destination WAN Service-policy type inspect WAN-DMZ-POLICY Zone-pair security WAN-DMZ source WAN destination DMZ Object-group service INTERNAL_UTM_SERVICEĬlass-map type inspect match-any INTERNAL_DOMAIN_FILTERĬlass-map type inspect match-any Others_appĬlass-map type inspect match-any allowping_app Subject-name cn=IOS-Self-Signed-Certificate-3447020667Ĭrypto pki certificate chain TP-self-signed-3447020667 Ip inspect name Internet-out udp router-trafficĬrypto pki trustpoint TP-self-signed-3447020667 Ip inspect name Internet-out tcp router-traffic Ip inspect name Internet-out icmp router-traffic Service timestamps log datetime msec localtime show-timezoneīoot system flash 0a.binĪaa authentication login local_access localĪaa authentication login vpn_xauth_ml_1 localĪaa authorization network vpn_group_ml_1 local ! Last configuration change at 06:54:13 UTC Tue by iinet This causes a drop in the connection briefly while this is happening.īuilding configuration. It appears the router needs to re-authenticate the IPoE connection every 30 minutes. There are no log entries that I can find showing any disconnection. Is there a timer issue with IPoE or a bug? However the logs do not show the any interfaces being brought down/up in this period. The ISP logs show the following: Connected using IPoE UPDATE: Have connected the 860 back after 3 days of no reconnections on an old Draytek and can confirm that at exactly 30 minutes (after the initial connection) the Cisco reconnected. I'm not sure what other settings/logs you might need so please let me know what else I should be providing. I'm not sure what setting this could possibly be? My static IP address is using a DHCP lease from the ISP - not sure if this is expiring and renewing or maybe this is an MTU issue? Or a duplex negotiation issue? Or simply a known bug with IOS - before I take out a support contract.īelow is my configuration for the port in question: interface GigabitEthernet2 I can also see in the logs the interface (GigabitEthernet2) being brought down them up (not sure if this is related). My ISP logs show my Cisco 860 router disconnecting and reconnecting every 30 minutes and 18 seconds all day - it's noticable when browsing as the site has an error then reloads. # Enable the IP virtual fragment reassembly feature on Ethernet 1/1.I'm completely stuck for solution to this issue. If the drop-fragments keyword is specified along with any combination of the keywords max-fragments, max-reassemblies, and timeout, the drop-fragment keyword overrides the others and the device drops all incoming fragments on the interface. When the fragments of a datagram (in a reassembly) are not reassembled within the timeout interval, all the fragments of the reassembly are discarded. When the maximum number of fragments per reassembly is reached, the device discards all fragments of the reassembly and sends a syslog. When the maximum number of concurrent reassemblies is reached, the device discards all subsequent fragments (not including fragments that belong to assemblies established before the number is reached) and sends a syslog message. Timeout seconds: Specifies the timeout interval of a reassembly in seconds (1 to 64). It is in the range of 1 to 1024, and the default is 64. Max-reassemblies number: Specifies the maximum number of concurrent reassemblies.
It is in the range of 1 to 255, and the default is 16. Max-fragments number: Specifies the maximum number of fragments per reassembly. Viewsĭrop-fragments: Specifies the interface to drop all fragments. The IP virtual fragment reassembly feature is disabled. Use undo ip virtual-reassembly to disable IP virtual fragment reassembly. You can set the maximum number of fragments per reassembly, the maximum number of concurrent reassemblies, and the timeout interval of a reassembly.
Use ip virtual-reassembly to enable the IP virtual fragment reassembly feature.
0 kommentar(er)
