I have a 1100AHx2 with v6.48.1 of the firmware and OS (I upgraded as part of the troubleshooting which didn’t help). I am having a problem where a single host on my internal network is unable to connect directly to the router intermittently. When the problem is happening that host can still connect through the router to the internet. It just can’t use any services on the router like DNS (I have also tested that I can’t access the router via ssh, http, or ping). Also, during the problem all other hosts have no problems connecting directly to the router and all other hosts have no problem interacting with the host having the problem.
I noticed the problem soon after I enabled a service that backs up data from the problem host to S3. Might be something to do with increased traffic (though we are heavy internet users in general and the syncing shouldn’t be unusual in any way I can think of). It pretty much happens every time I start the backup.
Some things I have tried:
upgrading the router OS (this also reboots the router)
upgrading the router firmware
pinging the host from the router also doesn’t work at the time of the problem (though the router can ping other hosts just fine)
when I do a sniffer tool session on the router, I see the ping requests coming into the router, but the router never responds
CPU load never seems to break 10%
Swapped out the internal network cable and changed to different ports on both the router and the Cisco switch (that is the only device between the router and the problem host)
Adding the host to a queue that limits upload to about 50% of WAN bandwidth
Other notes:
It eventually starts working again after a while
I do sometimes have some ping packet loss (5-10%, not total loss like problem host) from other hosts when the problem is happening
Problem host has bonded ethernet cables between Cisco switch and host.
I have got a similar issue, only with one of my iPads, which does not reach the router on its LAN IP.
Like in your case, the iPad can go on internet and do all the rest.
In my case I partially fixed the issue by connecting that iPad to the router’s loopback address instead of the one from same LAN, and the iPad was able to connect.
In my case I’m using some terminal program on iPad to do ssh and only once, after that client app updated, I was able to connect to router via LAN’s IP.
After updating iOS, same issue again and now I’m connecting to loopback’s IP.
I wiped my router and started over, adding back in only the items I was confident (or at least highly confident) were not causing the problem. I am back up and running and don’t seem to have seen the problem for a while (hour) so I think that it must have something to do with these firewall rules:
You’ve got a mechanism to automatically black-list some addresses. It can happen that a “trusted” host lands on the list. You also have a white-list. You should allow connections from the white-list before dropping anything from the black-list (both the static list and the auto-list).
I agree. It HAS to be those first 2 filters that blacklist addresses for 30 minutes with a connection-limit of 30,32. My internal server must have exceeded that, and there wasn’t anything first whitelisting my internal network.
Probably moving this to the top would fix it:
add action=accept chain=input comment="Full access to SUPPORT address list" src-address-list=support
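To make the ordering point concrete, here is an added RouterOS input-chain fragment (my own illustration, not config posted in this thread) showing the whitelist accept placed ahead of the auto-blacklist rules. The 30-minute timeout, the 30,32 connection-limit and the "support" list come from the posts above; the list name "blacklist", the LAN subnet 192.168.88.0/24 and the rule comments are assumptions I made for the example.

```routeros
# Assumed LAN subnet: put the internal network on the white-list so a busy
# internal host (e.g. one running an S3 backup) can never be auto-blacklisted.
/ip firewall address-list
add list=support address=192.168.88.0/24 comment="Internal LAN (assumed subnet)"

/ip firewall filter
# 1. Whitelist accept FIRST, before any blacklist or rate-based rule.
add chain=input action=accept src-address-list=support \
    comment="Full access to SUPPORT address list"

# 2. Only then the auto-blacklist: a source opening more than 30 TCP
#    connections (per /32) is listed for 30 minutes ...
add chain=input action=add-src-to-address-list protocol=tcp \
    connection-limit=30,32 address-list=blacklist \
    address-list-timeout=30m comment="Auto-blacklist: >30 TCP connections"

# 3. ... and listed sources are dropped.
add chain=input action=drop src-address-list=blacklist \
    comment="Drop blacklisted sources"

# If the whitelist rule already exists but sits below the blacklist rules,
# move it to the top instead of re-adding it:
/ip firewall filter move [find comment="Full access to SUPPORT address list"] destination=0

# Check while the problem is occurring: the internal host should now appear
# only in "support", never in "blacklist".
/ip firewall address-list print where list=blacklist
```

Rule order is what matters here: RouterOS evaluates filter rules top to bottom and the first match wins, so an accept that comes after the add-src-to-address-list and drop rules never protects the host. The final print is the quick way to confirm during an outage whether the host has been listed.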