Hi,
This is my first post - hope you can help!
We're running m0n0wall v1.11 connected to an E1 WAN. The LAN has a mixture of Linux and Windows machines.
One of the Windows servers (our domain controller) has two on-board NICs on the Intel motherboard. One is configured for the LAN 192.168... the other is configured for the WAN (let's call it A.B.C.D) so we can have extranet, web-mail etc.
The WAN IP normally works OK, but over the last few months has become unavailable from the internet *sometimes*. When this happens, I cannot ping A.B.C.D from the internet but I CAN ping it from m0n0wall. If I leave it long enough, it eventually works again! To force it to repair, I can log in to the Windows server, disable the A.B.C.D on-board NIC then enable. This fix is immediate, but it fails again after some time.
If I don't repair it (with disable/enable) the unavailability is sometimes very regular in its times, e.g. 30 minutes available then 15 minutes unavailable.
I changed the server so that the LAN NIC had both IPs and the WAN NIC disabled but the problem was the same. This makes me think it's not the NIC itself. The NICs' sleep function is disabled.
The fact that I can ping the server WAN IP from m0n0wall when it's unavailable to the internet makes me think it's something in m0n0wall. But if it's a m0n0wall problem, why does disable/enable on the Windows server fix it? During failure, tracert from an external machine stops at m0n0wall. The strange thing is that we have another Windows server with similar config and it is always available.
Any suggestions for fixes or diagnostics will be welcome.
thanks.
UPDATE: I've found that during periods of failure the NIC in the server actually receives packets from external sources! The received packet count goes up if I set up multiple external pings. Not sure what to make of this but it seems to indicate that m0n0wall is passing packets through. Somehow the ping reply never gets back.