Link to home
Start Free TrialLog in
Avatar of purpleit
purpleit

asked on

Loosing internet connection every night

Every night without fail one of my customers looses internet connectivity.  There setup is as follows:

ADSL Speedtouch router into 3com VPN Firewall then two MS Windows 2003 servers (1 used for exchange and dns, the other one as a file server).

The adsl modem never reports any faults and if i connect direct to laptop the internet connection is still live (has been for a few months).  I can still ping the 3com box but cant navigate to its address in IE.  If i restart the 3com box the internet comes back to life straight away.   We are on our 3rd 3com box so I am assuming there is an external (on internal network) factor affecting it?

On several occasions we have noticed that some pc's (not all) when they browse to our exchange server cannot see any files - however if they do it by ip address all files are there.  Lastly we have a problem with printers on the server disappearing - fixed by restart.

If you need additional info or screen shots of setup please feel free to ask.

Thanks in advance
Avatar of moorhouselondon
moorhouselondon
Flag of United Kingdom of Great Britain and Northern Ireland image

Is the Speedtouch a modern one, or is it an old one?  Some routers, usually older ones, have problems with VPN.  Is there an option on the Speedtouch to Sync with a Time Source?  Is this active, if so de-activate it and try again.  Failing that, (rather than flashing the firmware, which can render the device completely unusable), try a newer router.
It looks as if some Speedtouch devices have the option to use a time  server to synchronise its clock to a dedicated time server - and this is the default configuration.  

How often it does the syncing it doesn't say, but there may be a record on the log as to what time it occurs.
Avatar of purpleit
purpleit

ASKER

thanks for quick reply however I have checked and can confirm that time synch is disabled (and no mention in logs).  My customer has 6 branches with the same equipment at each site (minus the exchange server) and nobody else has had problems (ever).

Speedtouch routers are only a few months old and there were similar problems before changing (as a result of changing ISP)

We never reset the modem just the 3com box which we have to do at the mains as i mentioned earlier it becomes unreachable (apart from ping).

I have tried 3x 3com boxes including upgrading the firmware but no difference.

Any other advice? thanks again
That narrows the rational possibilities down to -er- nothing :-(

Need to dig deeper:

Though you have changed ISP, sometimes I have seen situations where a tracert from a system still goes via the old ISP's equipment.  BT used to have a lorra problems with Stale Sessions in the early days (but you would lose connectivity to the Router, so that doesn't sound like the answer), but if you moved ISP's partially because of this problem it could well be a misconfiguration with their equipment.

---

Another thing yet to be discussed is the possibility that something downstream from the 3Com is causing it to go into limbo.  Turning off equipment to rule each out would be a start here, if viable to do so.  

---

If these things don't help, I think you are going to have to resort to using Wireshark to find out what is happening.  One way to do this is (first off) to monitor normal activity between the router and the 3com, and see if you can spot some discontinuity.  (I still have a hunch about TimeSync), such as time going backwards, or there might be a "race" condition in someone's date algorithm which is sending it momentarily out of kilter by 24 hours.

What equipment do you have between your Router and your Firewall?  To do the above test you are going to have to sniff packets from the Router (and Acks from the 3com).  If you have a Managed Switch with a Monitor port, stick a pc on the monitor port, connect the Router and the3Com to it, and set Wireshark going.
What is in the Logs for the Server 2003?  If some scheduled maintenance occurs overnight, that could conceivably cause this - you say this is a unique difference between this location and all other locations.
my hunch was the Exchange Server due to other issues with dns like only being able to browse folders using ip addresses rather than names.  However I turned off the server overnight, came back in the morning and the 3com box had still 'fallen off the network'.  

I agree with you that I need to do the process of elimination.  I assume the logical step is to leave the speedtouch and modem connected to internet but not the network.  If in the morning the 3com box is still connected to the internet which I will test using laptop into one of the four ethernet ports on the back then i can rule out any influence from servers or other network devices.

If once again it has lost connectivity then I have narrowed it down to either the speedtouch or 3com box.

Would you concur this is the best (or at least first) course of action?

No equipment between speedtouch and 3com boxes
Nothing in logs on server(s)
Yes, I agree.

Incidentally, one other potential difference between this site and your other ones is the distance between your ADSL from the telephone exchange (which is an unvarying constant in this).  ALSO, on the subject of line quality: I presume the ADSL socket is on a master socket - the ingenious two part socket which enables you to isolate this socket from the rest of the telephone cabling.  Have you tried dismantling this socket (as far as ISP's are concerned it's a standard test for the consumer to do), and running overnight with that off?  If it's not on a Master socket, any chance it can be moved to it?  

Rationally, none of this should be an issue for the kind of problem you have, but if there are no likely candidates you have, as I said before, to dig deeper.
like your thinking - looking forward to moving this problem forward tomorrow when i visit customers premises.

One last thing for now, having read several threads in regards to 3com officeconnect routers they seem to be thought of as old fashioned.  Is there a box you can recommend for this main site which would connect via vpn with the remaining 3com boxes (until budget allows additional upgrades).

We use IPSEC with server ID because of routed ip's and then DES encryption (gateway to gateway)
The customers I have tend to favour a one-box solution.  I am not fond of SpeedTouch hardware, but that is mainly because I remember the original Sting-Ray - the hideous green thing I used to dread finding under people's desks.  
Off topic (sorry), but could not resist...

Look away now if you are squeamish...

http://speedtouch.hysplace.co.uk/images/28_L.jpg

This particular specimen is a very rare one to be found in captivity.  If you look closely you will see two green lights.
i left only the speedtouch modem and the 3com box connected to each other (in isolation from the rest of the network).  On reconnecting to the network internet has once again gone off suggesting that the problem lies with one of these two boxes?

I am going to try an alternative box to the speedtouch tomorrow to see if results change.
Thanks for the update.

Not sure I am understanding you though?  

You connected the Broadband to the Speedtouch, the Speedtouch to the 3COM, and disconnected everything else?  If that worked ok then the problem is with your LAN downstream from the 3COM.
probably down to my explanation!

I left speedtouch connected to internet and the 3 com box but disconnected 3com box from network.

In the morning i connected the 3com back to main network but with the same result as normal - no internet.

Before restarting 3com box as we normally do i connected laptop to speedtouch (replacing 3com box) and could get internet.  Modem is now showing as having a live connection for 58 days!
ASKER CERTIFIED SOLUTION
Avatar of moorhouselondon
moorhouselondon
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
dos batch file has been set away and ping statistics being recorded - great tip thanks