Hi all
I'm having a very strange problem for the second time now. Previously (maybe 2 months ago), I arranged to do a firmware update and the problem was fixed, but I guess the reboot did it.
So, problem is a SSG5, three zones: untrust, trust and a zone to the mpls network (behind our provider CPE).
Connections from/to the mpls network, no problem at all.
Connections to the untrust zone: lots of dropped packets (cont. ping). Strange thing is, incoming pings (to the firewall's untrust if ip) are stable as hell.
Policies/session limiting don't seem to be at fault (no limit in the policy any->any ping), and I tried turning of the screen on untrust (trust has no screen options enabled).
Hardware usage low as well (cpu/mem/sessions).
I made the observation that when doing a traceroute, there are drops in the ping to the first hop (the ssg), however a cont. ping to the firewall is very stable.
U:\>tracert -d 8.8.8.8
Tracing route to 8.8.8.8 over a maximum of 30 hops
1 1 ms * * 192.168.58.254
2 * ^C
U:\>ping 192.168.58.254
Pinging 192.168.58.254 with 32 bytes of data:
Reply from 192.168.58.254: bytes=32 time=1ms TTL=64
Reply from 192.168.58.254: bytes=32 time=1ms TTL=64
Reply from 192.168.58.254: bytes=32 time=1ms TTL=64
Reply from 192.168.58.254: bytes=32 time=1ms TTL=64
Ping statistics for 192.168.58.254:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
Could someone please point me in the right direction??
Any suggestions VERY much appreciated!