Internet access through T1 line down after replacing hardware firewall

I need help with this potential employment question.  This is NOT an exam question, but part of a long list for me to research and get back within the next week:

"Your company has an internet connection supplied to the LAN from a hardware firewall connected to a T1 router.  During normal business hours the Internet goes down.  After checking the T1 router and the corporate firewall you find that the firewall has suffered a hardware failure.  You replace the hardware firewall with a spare firewall.  The spare firewall is the exact same model and runs the same firmware.  You use the configuration file that was in production on the failed firewall.  The configuration file is sound.  You shutdown the old firewall and remove it from the network and you install the new firewall with the same configuration file already in place.  You cable the firewall properly and it starts normally.  None of the systems on your network can get out to the Internet.  What is the highest probable cause for this issue and what do you do first to resolve the issue.  Also list other probable causes for the Internet connectivity issue."

My initial thinking is that the new hardware firewall, although identical in model, firmware, and configuration file, has a different MAC address, and there may be an issue with the T1 provider's router and this new address.  Secondly, could installing the firewall with the configuration file already in place be an issue, as opposed to running the configuration file after physically installing the hardware firewall?

Thanks in advance for any leads on this.
ScottAllen1980Asked:
Who is Participating?
 
charan_jeetsinghCommented:
MAC address is one probable issue as most of the times for security reasons this is done to avoid evesdropping. at the local end also you can try clearing the ARP table for proxy and the connecting switches.
0
 
chatxfalconCommented:
Firewalls is working on Layer 3 and above. MAC Address is on Layer 2

I believe the problem is not on the MAC. The most probable cause is the physical setup.

Please do the following:

1) Check your cables and make sure its on the right port.
2) Check the port if working (try ping the firewall's port)
3) From your workstation try ping the gateway of your firewall.(the next hop)


I hope this helps.. :)


 
0
 
nalanbarCommented:
MAC address, more than likely. The thing to do is to traceroute, and see where the packets stop. If you hit the firewall, and then no further, then the most likely answer is that the router doesn't recognize the MAC of the firewall, and so is dropping the traffic inbound from it. The fix is to either spoof the old MAC (should be printed on the bottom of the old firewall :D), or to adjust the router, which is a better answer. The real question after the traceroute is wether you or the ISP owns the router. If it is you, then you fix it yourself, ISP, you call them.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.