I have a cisco ASA with a very basic setup.
LAN (10.8.0.x) --> ASA --> DMZ (192.168.2.x) --> internet
Intermittently I get no response from my email (and other) servers in the DMZ. However - from the internet the connection does not drop - I can continue to connect to mail ports on our servers.
I have put a PC on the DMZ and checked the connection on the servers and they are fine.
The LAN to DMZ access comes up shortly after (30 seconds or so) from the time it decides not to work, but there is seemingly no reason for the traffic not to flow.
There are no errors in the logs, traffic on the lan does go to the firewall but from there nothing appears to happen. Routes on the DMZ are simple enough so there's nothing being lost there as it's just the default back through the firewall, likewise - the ASA knows where to send traffic but appears to decide not to play nicely on a random basis - could be an hour, could be 20 minutes.... could be longer.
It works most of the time - so ACL's etc shouldn't be an issue.
I would appreciate any asssitance you might be able to provide to point me in the right direction for resolving this one.