Hi all,
I have a weird issue. I recently replaced an old Draytek router with a Juniper SRX100B.
The network is pretty simple: there are two VLANs connected to the firewall with just a small handful of servers connected. There is also a site-to-site VPN connected to a data centre.
Site-to-site VPN seems to work fine, I have Exchange replication between them and this is working fine.
The issue I've got is that internet access from servers on the VLANs connected to the Juniper is very, very slow, and in most cases anything TCP just doesn't work.
So, from the servers I can steadily ping 8.8.8.8 and not drop a single packet. If I try to go on a website, 90% of the time it will take forever to load or just completely fail. An apt-get update from an Ubuntu server also fails.
DNS resolution looks to be working fine; for some reason it seems anything TCP out to the WAN just doesn't wanna work.
The config on the Juniper is pretty basic really; there is an outbound firewall rule allowing anything from trust (the VLANs) to untrust (the WAN).
I've checked CPU/memory on the Juniper and all looks to be good.
Does anybody have ideas on what I can test next to get to the bottom of this?
Thanks in advance.