Home | Troubleshooting |  Quick Setup  |  Cisco How to  |  Wireless  |  Forums   | Site Map | Services  | About Us | Chicagotech MVP  | Search  | Contact Us  |              

 

 

The Internet downs every 30 minutes

Situation: One of clients called and told us that their Internet access kept down every 30 minutes. They have two subnets, one is main office LAN 10.0.0.0/16 and another is 192.168.5.0/24 for the DMZ doing web sites and FTP. There are two Cisco PIX 515 Firewalls connecting a Cisco router for the Internet access. One firewall connects to the LAN. Another and another firewall connects to the DMZ.

When the Internet downs, they could ping any public IPs from the LAN firewall while no user could ping a public IP from workstation. Also, web server in the DMZ could access the Internet without any problems.

Clear xlate didnít fix the problem. If they reset the LAN firewall, it worked for 30 minutes to 1 hour. Then they needed to reset it again.

What we did.

  1. What did they change recently? Ė Answer None (this is not true and they did add one device).
  2. When ping the LAN firewall, 10.0.0.2. We receive the reply.
  3. When ping the Cisco router, we received time out.
  4. After reset the firewall, used ARP command to check the firewall MAC. It displayed 00-12-80-cb-da-56. Aftre the Internet down, ARP displayed a different MAC 00-01-55-10-14-ed  (see below).

After reset the firewall:

C:\Documents and Settings\blin>

arp -a 10.0.0.2

Interface: 10.0.0.25 --- 0x10004

  Internet Address      Physical Address      Type

  10.0.0.2              00-12-80-cb-da-56     dynamic

After the internet down:

C:\Documents and Settings\blin>arp -a 10.0.0.2

Interface: 10.0.0.25 --- 0x10004

  Internet Address      Physical Address      Type

  10.0.0.2             00-01-55-10-14-ed     dynamic

Problem: after searching for the device, 00-01-55-10-14-ed. We found that the client just added a Promise storage server that was using the same IP of the firewall, 10.0.0.2. Br default, the storage server use IP 10.0.0.2. We changed the IP to 10.0.0.200, and then they don't have this problem any more.

Post your questions, comments, feedbacks and suggestions

Contact a consultant

Related Topics

No ARP Entries Found

Slow Internet Access - Case Study
 


 

 


 

 

Hit Counter   This web is provided "AS IS" with no warranties.
Copyright © 2002-2017 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.