Question : Cisco 851 Router locking up

We have a Cisco 851 Router that is responsible for our email, internet and also VPN connectivity. The WAN input is from an optical fibre link.
This router, every 2-3 days, locks up or freezes and we do not have any connectivity. The only solution is to do a power reset on the router and once it boots back up, it is ok again.
The logging doesn't indicate any faults that would explain a lock up and we have recently upgraded this router to the latest firmware (the problem has been present both before and after the firmware upgrade).
So far Cisco have not been very helpful, hoping someone can shed some light on this one as it is starting to effect our business.
I have included the running config as an attachment.

1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396:

!This is the running config of the router: 192.168.1.254 !---------------------------------------------------------------------------- !version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname MTData ! boot-start-marker boot-end-marker ! logging buffered 51200 logging console critical enable secret 5 ######## ! no aaa new-model clock timezone Sydney 10 clock summer-time Sydney date Mar 30 2003 3:00 Oct 26 2003 2:00 ! crypto pki trustpoint TP-self-signed-3265497259 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3265497259 revocation-check none rsakeypair TP-self-signed-3265497259 ! ! crypto pki certificate chain TP-self-signed-3265497259 certificate self-signed 01 3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33323635 34393732 3539301E 170D3130 30333136 30343430 32335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32363534 39373235 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100EA46 A8D9C8E6 5548086E 431A1776 CEBBA773 45907C93 9FB8FA66 8AB4DDB8 1C01D81B 32D53D57 AB6A9E39 36B5779A B339CA22 EE0015B0 6D917E11 896A6CA8 9DF4AD64 C5AD9088 B31D0BEC D5463C1A CE2EF006 06972947 ECF62ECF 8FCEAFCE B0A1E124 184BD0B5 D9F5E619 22ACDDCE 16BA0F57 70713C7C 14AFCB3A 52FDEEBB 54AF0203 010001A3 74307230 0F060355 1D130101 FF040530 030101FF 301F0603 551D1104 18301682 144D5444 6174612E 6D746461 74612E63 6F6D2E61 75301F06 03551D23 04183016 8014B818 99180EC2 BE23D332 C9EA392E 4E09892B F2A9301D 0603551D 0E041604 14B81899 180EC2BE 23D332C9 EA392E4E 09892BF2 A9300D06 092A8648 86F70D01 01040500 03818100 6788FF4E FB70C633 C8DD1130 1AA5EF72 2C75FC07 A91C0681 2C1AD2C9 F20981DD 2E774C94 FDC55A27 E6CC52A7 68A24172 4FE4F0D0 4AC8843C 0FE83815 D37D16CE B6670A06 2DCD6F10 58DC55EF 9735DB9A 95AA3381 0F4173B4 7A369F2C F21CAE8F 546B280D 3DDAFDF9 29E64BC1 47629CA8 050734B2 65E46773 65895BF5 78CED3E1 quit dot11 syslog no ip source-route no ip dhcp use vrf connected ip dhcp excluded-address 192.168.1.1 192.168.1.99 ! ip dhcp pool ccp-pool1 import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.254 domain-name xxxxx dns-server 192.168.1.101 netbios-name-server 192.168.1.101 ! ! ip cef ip inspect name DEFAULT100 cuseeme ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 icmp ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 esmtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive no ip bootp server ip domain name xxxxxx.com.au ip name-server 139.130.xxx.xxx ip name-server 203.50.xxx.xxx ip name-server 192.168.1.101 ! parameter-map type protocol-info msn-servers server name messenger.hotmail.com server name gateway.messenger.hotmail.com server name webmessenger.msn.com parameter-map type protocol-info aol-servers server name login.oscar.aol.com server name toc.oscar.aol.com server name oam-d09a.blue.aol.com parameter-map type protocol-info yahoo-servers server name scs.msg.yahoo.com server name scsa.msg.yahoo.com server name scsb.msg.yahoo.com server name scsc.msg.yahoo.com server name scsd.msg.yahoo.com server name cs16.msg.dcn.yahoo.com server name cs19.msg.dcn.yahoo.com server name cs42.msg.dcn.yahoo.com server name cs53.msg.dcn.yahoo.com server name cs54.msg.dcn.yahoo.com server name ads1.vip.scd.yahoo.com server name radio1.launch.vip.dal.yahoo.com server name in1.msg.vip.re2.yahoo.com server name data1.my.vip.sc5.yahoo.com server name address1.pim.vip.mud.yahoo.com server name edit.messenger.yahoo.com server name messenger.yahoo.com server name http.pager.yahoo.com server name privacy.yahoo.com server name csa.yahoo.com server name csb.yahoo.com server name csc.yahoo.com ! ! username admin privilege 15 secret 5 xxxxxx ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 crypto isakmp key xxxxx address 203.45.xxx.xxx ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac ! crypto map SDM_CMAP_1 1 ipsec-isakmp description Tunnel to203.45.xxx.xxx set peer 203.45.xxx.xxx set transform-set ESP-3DES-SHA3 match address SDM_2 ! archive log config hidekeys ! ! ip tcp synwait-time 10 ip ssh time-out 60 ip ssh authentication-retries 2 ! ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 description $FW_OUTSIDE$$ES_WAN$$ETH-WAN$ ip address 139.130.xxx.xxx 255.255.255.252 ip access-group 111 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip inspect DEFAULT100 out ip flow ingress ip flow egress ip nat outside ip virtual-reassembly ip route-cache flow duplex auto speed auto crypto map SDM_CMAP_1 ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$ ip address 192.168.1.254 255.255.255.0 ip access-group 110 in no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip virtual-reassembly ip route-cache flow ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 139.130.xxx.xxx ip flow-top-talkers top 20 sort-by bytes cache-timeout 360000 ! ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload ip nat inside source static udp 192.168.1.51 14 139.130.xxx.xxx 14 extendable ip nat inside source static tcp 192.168.1.101 25 139.130.xxx.xxx 25 extendable ip nat inside source static tcp 192.168.1.92 80 139.130.xxx.xxx 80 extendable ip nat inside source static tcp 192.168.1.101 110 139.130.xxx.xxx 110 extendable ip nat inside source static tcp 192.168.1.101 1025 139.130.xxx.xxx 1025 extendable ip nat inside source static tcp 192.168.1.105 3395 139.130.xxx.xxx 3395 extendable ip nat inside source static udp 192.168.1.105 3395 139.130.xxx.xxx 3395 extendable ip nat inside source static tcp 192.168.1.61 3399 139.130.xxx.xxx 3399 extendable ip nat inside source static tcp 192.168.1.155 3389 139.130.xxx.xxx 3491 extendable ip nat inside source static udp 192.168.1.155 3492 139.130.xxx.xxx 3492 extendable ip nat inside source static tcp 192.168.1.161 3389 139.130.xxx.xxx 3499 extendable ip nat inside source static udp 192.168.1.105 5552 139.130.xxx.xxx 5552 extendable ip nat inside source static udp 192.168.1.105 5553 139.130.xxx.xxx 5553 extendable ip nat inside source static udp 192.168.1.105 5554 139.130.xxx.xxx 5554 extendable ip nat inside source static udp 192.168.1.105 5555 139.130.xxx.xxx 5555 extendable ip nat inside source static tcp 192.168.1.101 8080 139.130.xxx.xxx 8080 extendable ip nat inside source static tcp 192.168.1.155 18080 139.130.xxx.xxx 18080 extendable ! ip access-list extended NAT-RULES remark SDM_ACL Category=18 remark IPSec Rule deny ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255 permit ip 192.168.1.0 0.0.0.255 any ip access-list extended SDM_2 remark SDM_ACL Category=4 remark IPSec Rule permit ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255 ip access-list extended SDM_AH remark SDM_ACL Category=1 permit ahp any any ip access-list extended SDM_ESP remark SDM_ACL Category=1 permit esp any any ip access-list extended SDM_HTTPS remark SDM_ACL Category=1 permit tcp any any eq 443 ip access-list extended SDM_SHELL remark SDM_ACL Category=1 permit tcp any any eq cmd ip access-list extended SDM_SSH remark SDM_ACL Category=1 permit tcp any any eq 22 ! logging trap debugging logging 192.168.1.101 access-list 1 remark INSIDE_IF=Vlan1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 192.168.1.0 0.0.0.255 access-list 100 remark SDM_ACL Category=2 access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255 access-list 100 permit ip 192.168.1.0 0.0.0.255 any access-list 101 remark SDM_ACL Category=4 access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255 access-list 102 remark SDM_ACL Category=128 access-list 102 permit ip 192.168.1.0 0.0.0.255 any access-list 103 remark SDM_ACL Category=128 access-list 103 permit ip host 203.45.xxx.xxx any access-list 104 remark SDM_ACL Category=0 access-list 104 remark IPSec Rule access-list 104 permit ip 192.168.10.0 0.0.0.255 192.168.1.0 0.0.0.255 access-list 105 remark SDM_ACL Category=4 access-list 105 remark IPSec Rule access-list 105 permit ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255 access-list 106 remark SDM_ACL Category=128 access-list 106 permit ip host 255.255.255.255 any access-list 106 permit ip 127.0.0.0 0.255.255.255 any access-list 106 permit ip 139.130.xxx.xxx 0.0.0.3 any access-list 107 remark SDM_ACL Category=128 access-list 107 permit ip 192.168.1.0 0.0.0.255 any access-list 108 remark SDM_ACL Category=128 access-list 108 permit ip host 203.45.xxx.xxx any access-list 109 remark SDM_ACL Category=0 access-list 109 remark IPSec Rule access-list 109 permit ip 192.168.10.0 0.0.0.255 192.168.1.0 0.0.0.255 access-list 110 remark auto generated by Cisco SDM Express firewall configuration access-list 110 remark SDM_ACL Category=17 access-list 110 permit udp host 192.168.1.101 eq domain any access-list 110 deny ip host 255.255.255.255 any access-list 110 deny ip 127.0.0.0 0.255.255.255 any access-list 110 permit ip any any access-list 111 remark auto generated by Cisco SDM Express firewall configuration access-list 111 remark SDM_ACL Category=17 access-list 111 remark TaxiDemoVM Web access-list 111 permit tcp any eq 18080 host 192.168.1.155 eq 18080 access-list 111 remark TaxiDemoVM RDP access-list 111 permit udp any eq 3491 host 192.168.1.155 eq 3491 access-list 111 remark TaxiDemoVM NextG access-list 111 permit tcp any eq 3492 host 192.168.1.155 eq 3492 access-list 111 permit udp host 203.45.xxx.xxx host 139.130.xxx.xxx eq non500-isakmp access-list 111 permit udp host 203.45.xxx.xxx host 139.130.xxx.xxx eq isakmp access-list 111 permit esp host 203.45.xxx.xxx host 139.130.xxx.xxx access-list 111 permit ahp host 203.45.xxx.xxx host 139.130.xxx.xxx access-list 111 permit tcp any any eq 8070 access-list 111 permit udp any any eq 8070 access-list 111 permit ip 192.168.10.0 0.0.0.255 192.168.1.0 0.0.0.255 access-list 111 permit icmp any any access-list 111 permit udp any any eq 8010 access-list 111 permit tcp any any eq 8010 access-list 111 permit udp any any eq 3457 access-list 111 permit udp any any eq 2344 access-list 111 permit udp any any eq 4447 access-list 111 permit tcp any any eq www access-list 111 permit tcp any any eq 8080 access-list 111 permit udp any any eq 4455 access-list 111 permit udp any any eq 3344 access-list 111 permit tcp any any eq 1025 access-list 111 permit tcp any eq pop3 host 192.168.1.101 eq pop3 access-list 111 permit tcp any eq smtp host 192.168.1.101 eq smtp access-list 111 permit udp host 139.130.4.4 eq domain any access-list 111 permit udp any any eq 14 access-list 111 permit udp host 203.50.2.71 eq domain any access-list 111 permit gre any any access-list 111 permit icmp any any echo-reply access-list 111 permit icmp any any time-exceeded access-list 111 permit icmp any any unreachable access-list 111 permit tcp any any eq 1723 access-list 111 permit udp any any eq 1701 access-list 111 permit udp any any eq isakmp access-list 111 permit udp any any eq 47 access-list 111 permit tcp any any eq smtp access-list 111 permit tcp any any eq pop3 access-list 111 permit udp any any eq 2244 access-list 111 permit tcp any any eq 8050 access-list 111 permit tcp any any eq 3499 access-list 111 permit tcp any any eq 3399 access-list 111 permit tcp any any eq 3491 access-list 111 permit udp any any eq 3492 access-list 111 permit tcp any any eq 18080 access-list 111 permit udp any any eq 5552 access-list 111 permit udp any any eq 5553 access-list 111 permit udp any any eq 5554 access-list 111 permit udp any any eq 5555 access-list 111 permit udp any any eq 3395 access-list 111 permit tcp any any eq 3395 access-list 111 remark CCP_ACL Category=1 access-list 111 deny ip 192.168.1.0 0.0.0.255 any access-list 111 deny ip 10.0.0.0 0.255.255.255 any access-list 111 deny ip 172.16.0.0 0.15.255.255 any access-list 111 deny ip 192.168.0.0 0.0.255.255 any access-list 111 deny ip 127.0.0.0 0.255.255.255 any access-list 111 deny ip host 255.255.255.255 any access-list 111 deny ip host 0.0.0.0 any access-list 111 deny ip any any no cdp run route-map SDM_RMAP_1 permit 1 match ip address NAT-RULES ! ! control-plane ! banner exec ^C % Password expiration warning. ----------------------------------------------------------------------- Cisco Configuration Professional (Cisco CP) is installed on this device and it provides the default username "cisco" for one-time use. If you have already used the username "cisco" to login to the router and your IOS image supports the "one-time" user option, then this username has already expired. You will not be able to login to the router with this username after you exit this session. It is strongly suggested that you create a new username with a privilege level of 15 using the following command. username <myuser> privilege 15 secret 0 <mypassword> Replace <myuser> and <mypassword> with the username and password you want to use. ----------------------------------------------------------------------- ^C banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local no modem enable transport output telnet line aux 0 login local transport output telnet line vty 0 4 privilege level 15 login local transport input telnet ssh ! scheduler max-task-time 5000 scheduler allocate 4000 1000 scheduler interval 500 end

Answer : Cisco 851 Router locking up

Sounds like hardware-problem. Could it be a power-supply problem? Did you replace that one already?