Link to home
Create AccountLog in
Avatar of Ethan Wilson
Ethan WilsonFlag for United States of America

asked on

Internet Disconnection

At a client location, the client has an office that continues to randomly lose internet connection at roughly the same time every day. I've dedicated the VPN Firewall to DHCP and issue IP addresses and turned it off on the Server, to see if it was a conflict, issue persists. I replaced the Netgear PROSAFE VPN Firewall with a new one, issue persists. When the issue occurs the client's employees remove power from the device and reapply power and the issue is corrected. What could be causing this loss of internet. A Poor-man's Topology Map has been attached. Users at remote offices RDC into the IIS server to use applications and cannot when the offices internet goes down. The VPN router is necessary for multiple applications. User generated image
Avatar of schaps
schaps
Flag of United States of America image

You don't tell us how the T1 terminates (connects) to the router, but if it has more than one port into which you could plug a test computer, I would try to isolate what side of the router (Netgear) the problem is occurring by connecting the test computer to the T1 so that someone could quickly check whether it works when the office goes down. My suspicion is a problem with the VPN router. Do you have it set to log events? If so, does it send those events to a syslog server, or can you get into the log after the power was reset? Since it happens at roughly the same time every day, it could be a connection by a certain VPN user that messes something up. Looking at logs combined with users keeping accurate notes of exactly when the Internet appears to go down might show you exactly what is causing it. And I wrote "Internet to go down," because very often the network is up and running, but DNS or routing errors messes it up.

What is the IP range/subnet used in the office LAN? If it's a commonly used subnet, I'd change it anyway just to avoid possible problems of a user connecting who is on a network in the same subnet/IP range, and routing could get confused, and it doesn't take much confusion to make a big mess. Make sure the IPs that the VPN users get is outside the range of those handed out by your server (but in the same subnet, of course).

If you have a somewhat computer saavy person there you can have try a few things before and during an outage, that might help. You want to make sure they try these things *before* an outage, so they verify normal results:
   -Have them try to ping the gateway IP, both before and during an outage.
   -Have them try to ping the Domain Controller, both before and during an outage.
   -Have them run an "ipconfig /all"  before and during to verify they still have an IP address.
   -Have them ping an outside IP, say 8.8.8.8, before and during an outage to compare.
   -Have them go to the direct IP of some stable website: i.e. http://157.166.226.26 , which should be CNN,
      before and during an outage. If the direct IP loads the website when http://cnn.com does not, then there is a DNS problem.

Good luck, please report back.
End of first paragraph should be "And I wrote 'the Internet appears to go down,' because very often the network is up and running, but DNS or routing errors messes it up."
Avatar of Ethan Wilson

ASKER

The initial issue involves being unable to connect via RDC, so I've already eliminated DNS as the issue.
The initial issue involves being unable to connect via RDC, so I've already eliminated DNS as the issue.

In my experience, you can never count out DNS. It works -- and messes things up -- in mysterious ways.
But in this case, who knows.

So you are saying that the RDC users connect via IP address only? Just confirming.
Any comment about the rest of the things I suggested to try?

IP Address only.
router logs?
ASKER CERTIFIED SOLUTION
Avatar of Ethan Wilson
Ethan Wilson
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of Qlemo
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.