Hi All,
Got an issue that i cant wrap my head around. We have 1 Head office and 3 subsites connected as hub+spoke via MPLS links.
One of the sites is having intermittant traffic where they can intermittantly get internet access - lets call this Site X
Network Path from sub-sites
Endpoint ---> CPE SRX PB-Mode --- > MPLS Core ----> HO SRX PB-Mode--> Checkpoint FW ----> ISP SRX PB Mode ----> ISP Core ----> INTERNET
What i am seeing from the subsite is that the ISP SRX Gateway IP address is intermittantly responding to Site X but the other subsite and HO can get out just fine/always responds.
When Site X has internet access, the gateway is responding. When Site X doesnt have internet access, the ISP Gateway IP is not responding. Throughout the whole time, the path to HO is present and responding. As well as this the other sites have internet access without issues.
I've reviewed the routing from the site CPE all the way through to our ISP core (apart from the checkpoint as we dont manage) and all the routing is correct.
I've been looking at this one for a few weeks now and alot of the time was spent confirming to the end client that this wasnt a fragmentation issue
My current thoughts are:
- IP connfliction
- Checkpoint firewall issues
Any thoughts would be of great help as im starting to struggle with this one
Cheers!
Alex