My company has just purchased an SA 540, to operate it as a gateway and firewall for our remote servers in our ISPs data center. However, after a certain period of time (ranging from 2 minutes to several hours) the unit keeps dropping the WAN connection, making the unit unaccessible from the WAN side. The strange thing is, that when the connection is dropped, the unit is perfectly accessible from the LAN side, the WAN LED is still on, status info shows the WAN link up, and packet trace shows broadcasted traffic on the WAN interface, so only the directed communication to and from the ISPs gateway (configured to fix IP) seems to be blocked for some reason. When this happens, then plugging the WAN cable to the Optional WAN port enables traffic again, but it is also dropped after some time, and then only power cycling the unit restores WAN connectivity.
We have tried to upgrade the firmware, but the unit keeps failing with 1.1.42 stable, as well as with 1.1.62 RC1 and RC2 installed. We have replaced the unit by the reseller, tried to disable the firewall, RMON, the site-to-site IPSec VPN connection, but neither of these action made it run for longer than a few hours. Internal logs and syslog do not show anything that can be related to a dropped connection or blocked IP. In our test lab, however we were NOT able to reproduce this error, so I am certain that some external phenomenon is causing it at the data center, but we were unable to find out what. One clue we have found is the message "[Kernel][KERNEL] Badness in local_bh_enable at kernel/softirq.c:140" in syslog.
Any help will be appreciated, as the SA 540 would be an ideal solution for us and for many of our partners, but if unsolved, this error will force us to look for an alternate solution.