Very Strange Problem

Hello all,

 I have run into an issue that I am having the hardest time trying to figure
out what it is. Here is what is happening:

I have a 2801 Router with and ASDL wic installed in it. There is currently
3 site to site VPN's configured, and basic routing, and PAT. What is
happening is every time a user behind this router tries to access the
internet (going to a site www.yahoo.com or facebook etc) it basically sits
there and just continues to load and take forever but never comes up, if I
go to www.google.com that has no images to load it comes up really quick
with no issue. Here is a kicker, if I try to load a web page on internal
site on the other side of the tunnel everything comes up as normal with no
problems, the issue is only when I try to access external websites from that
location. I am able to ping and telnet to port 80 with no problems. I
thought it was a fragmentation issue, so I changed MTU and MSS as low as
1200 and the problem still persists. Has anyone else seen this issue? I
found the issue on the internet but have not seen where anyone has come up
with a fix for it, so I thought I would see if anyone here may have seen
this issue and resolved?

The configuration is pretty basic (snippits)

F0/0 - Shutdown
!
interface FastEthernet0/1
 description $ES_LAN$
 ip address 192.168.90.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto

interface ATM0/3/0
 no ip address
 no ip mroute-cache
 no atm ilmi-keepalive
 dsl operating-mode auto
 hold-queue 224 in
!
interface ATM0/3/0.1 point-to-point
 pvc 8/32
  encapsulation aal5snap
  pppoe-client dial-pool-number 1
 !
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname xxxxxxxxx
 ppp chap password 0 xxxxxxxx
 ppp pap sent-username xxxxxxxxxx password 0 xxxxxxxxx

ip route 0.0.0.0 0.0.0.0 Dialer1

ip nat inside source route-map internet_nat interface Dialer1 overload

ADSL is used because that is the only option in the location in which this
router is located. Any ideas on where I should be looking is much
appreciated, the next step for me is to probably open a TAC case but wanted
to get others thoughts first..

Sid

Blogs and organic groups at http://www.ccie.net
Received on Thu Jul 01 2010 - 22:02:26 ART