We have a program that communicates to a webservice from a remote site. This program works great at several locations. However at one location there is a problem. At this location, The remote sites use cisco 1760 routers. The main site uses a Cisco 3745. These are connected using frame relay, and IPSEC tunnelling.
After a few days, one or more of the remote sites will quit talking to the web server. You cannot tracert or ping, or see the webserver at the main site. You can however tracert or ping to any other machine at the main site - it's just that particular route that doesn't work. You can also get to the webserver from other machines.
The windows firewall is not running. The remote site is running Symantic antivirus, but they swear there is no firewall enabled.
Shutting our service off, and then starting it back up drops the connection, and then all traffic starts working again.
To me it sounded like some sort of intrusion detection, but they swear it is not on. Any Ideas?
2007-06-27 02:57:08 · 4 answers · asked by jack99skellington 7 in Computers & Internet ➔ Computer Networking
Put a packet sniffer of the wire at various points to try and pin point how far your traffic is making it and if the system is definitely refusing that traffic. If it is a firewall you will typically see the socket establish but an immediate close on the socket connection. A good free windows packet sniffer is ethereal. Very comparable to professional versions. Hope this help at least a little.
2007-06-27 03:33:38 · answer #1 · answered by Greg 2 · 0⤊ 0⤋
Sounds like dns issues from the remote site. If you are able to ping the cisco 1760 from the internal network but is unable to resolve remote addresses then it's the best place to start looking.
2007-06-27 10:27:31 · answer #2 · answered by tombo 1 · 0⤊ 0⤋
I had a similar problem but it was the opposite. I could only ping the server from one machine, the rest could not reach the host. This problem is caused by IPsec. It sounds like it is misconfigured at the server.
Good Luck.
2007-06-27 10:15:53 · answer #3 · answered by marco 3 · 0⤊ 0⤋
Just a thought but could it be DHCP lease times? I had a similar issue but when we change the lease times to 30 days (we always do a monthly maintenance that resets everything) the issue went away! Don't know but might be worth checking.
2007-06-27 11:23:31 · answer #4 · answered by Tracy L 7 · 0⤊ 0⤋