Random clients losing ability to connect to UTM

Hi all,

This is truly a weird one and I hope you can help me find a solution.

We have 2 ASG525s running in active-passive HA. Last night I updated one to 9.353-4, but this problem was occurring on the previous version over the last week; I was hoping the update would solve it :(

The bulk of our 1200 users are working fine but we have been getting an increasing number of reports of a machine that cannot connect to the external Internet. When these users call up, the help-desk guys have been verifying that they can connect to internal resources (Intranet, LMS etc) all correctly and they have lost all external access. Today, I have been working on a number of these devices to try and work out the cause; a reboot fixes them, but that is not really a solution as it is becoming more regular.

A machine that is not working, say, has an IP address of 192.168.2.1 and the firewall has an address of 192.168.1.1. My machine has an address of 192.168.2.2.

From my machine I can ping the firewall but cannot ping the affected client.

From the firewall I can ping my machine but not the affected client.

From the core switch I can ping all 3 devices.

From my machine I can traceroute to google.com successfully.

From the affected machine the traceroute to google.com fails as soon as it hits the VLAN address of the core switch.

From the firewall I can traceroute to my machine and google.com but not the affected machine.

From the core switch I can traceroute successfully to everything mentioned here.

I have tried to clear the ARP and route cache from the CLI of the UTM. I have tried to clear the ARP cache on the core switch. I have tried to reset every toggle switch possible in the UTM as the problem is occurring, but nothing except an interface disconnect (or reboot) gets that machine to start making external connections once again.

Anyone got any ideas to help with this one?

Cheers,

Brendan



  • Yeah Bob, I do agree except for the fact that the core switch can ping and traceroute to the device at all times? Or do you think this is more of a sign that it is the problem?

    These are wireless devices (we don't have all that many wired devices left). A wireless card disable/enable solves the issue just the same as a reboot.

    Cheers,
    Brendan
  • Ahhh! Now it sounds like your wireless controller or a malfunctioning AP. Please let us know when you track this down.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Even though that same client can still access our Intranet and LMS, just not external?? The APs are operating in bridged mode so I would think they are handing off all traffic regardless of destination...