Recently we've changed our network routing, and now we're seeing some strange behavior. Inbound VPN connections can't connect to resources, and it looks like it's because return traffic is being routed incorrectly.
* Switch has some static IP routes:
  - 0.0.0.0 next hop 10.1.0.3 (Public internet)
  - 10.0.3.0/24 next hop 10.1.0.2 (WAN connection to VPN/firewall)
  - 10.10.10.0 (local)
* VPN client is connected on 10.0.3.3
* VPN client attempts to reach 10.10.10.10, but can't
* Tracert shows that outbound traffic from 10.10.10.x to 10.0.3.3 is being routed out 10.1.0.3 instead of 10.1.0.2
We've seen that 10.10.10.x clients on some ports will use the right route, while others use the wrong one. This problem has only appeared in the past few days, and the most recent static route changes were a couple of weeks ago. Rebooting the stack seems to take care of everything for a while, but then it creeps back in. Assuming it's something to do with the switch's routing algorithm, but I'm not sure if there's anything that can be done to fix it directly.
We're still running firmware v184.108.40.206, and I see that there are v3.x versions available. Is this a known issue that might be addressed by firmware, or should I be looking for a configuration problem? Suggestions?