Hello,
We seem to have a very strange issue happening on my network. We have two physically separated networks with a DMZ between them.
We recently put in an HA pair of Fortigate firewalls to replace 2 ASAs in an HA pair. The DMZ is between an HA pair of Fortigate firewalls and a single ASA. After switching from the original HA pair of ASAs to the Fortigates, our credit card terminals will randomly lose connection for a second and then come back online. It's just a flicker up and down notice we get. We notice most of them drop every 4 hours on the mark. Some flicker throughout the day.
There is traffic from our Fortigate side (credit card terminals) that needs to communicate over the DMZ to the single ASA side (Server). We thought maybe it was an ARP-related problem, but I flushed the ARP tables on our core switches and firewalls.
The only thing we have rebooted are the credit card terminals. No servers or networking equipment have been rebooted other than the Fortigate HA pair.
We have 1 static route routing the credit card terminals to the DMZ on the single ASA, and on the Fortigate we have the server subnet to the DMZ.
Subnets:
Server: 10.x.x.x
Credit Card: 192.168.x.x
DMZ: 172.x.x.x
Route on the ASA
Interface: DMZ - IP: 192.168.x.x - gateway: 172.x.x.254
Route on Fortigate
Interface: DMZ - IP: 10.x.x.x - gateway: 172.x.x.253
I know you will need more information, but I thought I would start with this and hopefully someone would be able to ask some questions to pop some ideas in my head to look at next.