Security Basics mailing list archives

Peculiar Unresponsiveness of IP


From: Kartik <kartik.netsec () gmail com>
Date: Thu, 20 Dec 2007 18:41:04 +0530

Hi,

We have been facing a peculiar issue for the last 15 days. What happens
is that ONE of our Public IP addresses, which is assigned to a Nortel
VPN device, becomes unreachable (request timed out) for 2-3 MINUTES after
every 5 to 10 HOURS. It adversely affects the Branch Office VPN
tunnels the moment the Public IP assigned to it becomes unresponsive from
the internet.

The setup is like this:

<Internet cloud> ---- <Cisco Internet Router which is inside our Network> ---- <Cisco Switch> ---- <Nortel VPN Device> ---- <Firewall> ---- <LAN>

(Please note that this setup has been running for the last 3-4 yrs
without a problem.)

Interestingly, when we try pinging the device (Public IP) from the
internet, we get "request time out" at the time of the outage, but at the
same time, when we try to ping the device from the inside network, we are
able to ping it.

In short, when the outage occurs:

1) we are able to ping the Internet Router
2) we are able to ping the Switch IP from the Router (for testing
purposes we gave the public IP to the switch, and at the time of the outage the
public IP of the switch is pingable)
3) we are NOT able to ping the Nortel VPN device
4) we are able to ping the Nortel VPN device from INSIDE NETWORK
5) we are able to ping the SWITCH from Nortel VPN device at the time of outage

The most interesting part of it is that this outage lasts for only 2-3
minutes and the connectivity automatically gets restored after 2-3
minutes. We can't even presume when this outage will happen again.
Sometimes the duration between the outages was 5hrs, sometimes 8hrs
and sometimes even 16hrs.

We opened a ticket with Nortel technical support, and after all the
analysis they said that the VPN device is working fine. We also
checked the Cisco Switch, and it also seems to be OK.

Please suggest.

-- 
Thanx,
Kartik
www.hcl.in
+1 408 416 2089 X 5313
+91 9810998169

