svasilakos
asked on
Dropped packets over established VPN's on Sonicwall NSA 240 renegotiate fixes the problem
I have two NSA 240 Sonicwall's on version 5.X OS. These SonicWalls are configured for High Availability and are using stateful failover and also have the Virtual MAC option on so they share the same MAC address. I have over 80 of these in our network but this specific site is giving me problems.
The issue is every 9 to 13 hours traffic stops flowing over the VPN connections. The VPN's are up (Green ball) and there are not eroneous log message at all to indicate a problem. Pings stop going through and so does other traffic. If I simply renegotiate the VPN's traffic picks up again for another 9 - 13 hours. The failure is anywhwere in that time frame.
I ran a packet capture an I can tell that the packets are definatley being dropped. I have attached the packet trace that I did, where I issued pings from the remote end to the destination where these 240's are and than reset the VPN connections in the middle of the trace. Packets . You'll see packets 1 thru 12 are prior to the VPN renegotiation and packets 13+ are immediatley after the renegotiation when things start to go through again. The only thing that looks suspicious to me is the mac addresses during the drop and the 'HP' switch that is involved in the drop. I am wondering is using virtual mac'ing could be causing this or if anyone has seen this before. These devices are a customer location and I do not control the HP switch. I only terminate into in on the X0(Lan side)
Strange that it's every 9 - 13 hours randomly. Wondered if anyone had any suggestions or has seen this before.
PacketCap-04262009.txt
The issue is every 9 to 13 hours traffic stops flowing over the VPN connections. The VPN's are up (Green ball) and there are not eroneous log message at all to indicate a problem. Pings stop going through and so does other traffic. If I simply renegotiate the VPN's traffic picks up again for another 9 - 13 hours. The failure is anywhwere in that time frame.
I ran a packet capture an I can tell that the packets are definatley being dropped. I have attached the packet trace that I did, where I issued pings from the remote end to the destination where these 240's are and than reset the VPN connections in the middle of the trace. Packets . You'll see packets 1 thru 12 are prior to the VPN renegotiation and packets 13+ are immediatley after the renegotiation when things start to go through again. The only thing that looks suspicious to me is the mac addresses during the drop and the 'HP' switch that is involved in the drop. I am wondering is using virtual mac'ing could be causing this or if anyone has seen this before. These devices are a customer location and I do not control the HP switch. I only terminate into in on the X0(Lan side)
Strange that it's every 9 - 13 hours randomly. Wondered if anyone had any suggestions or has seen this before.
PacketCap-04262009.txt
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.