Thread: Disconnect after Policy Install
View Single Post
  #6 (permalink)  
Old 2008-01-13
RayPesek RayPesek is offline
Senior Member
  
Join Date: 2006-03-19
Location: Northern Ohio
Posts: 862
Rep Power: 3
RayPesek has an average reputation (10+)
Default Re: Disconnect after Policy Install
Installing the security policy does reset all of the automatic ARPs. Try this:

SSH to the firewall and continuously ping the next hop router, the one between the firewall external interface and your ISP.

Set up a security rule to allow this if needed. Also set up a security rule to allow you to ping the same router from your desktop.

Once both the firewall and your desktop are pinging the next-hop router continuously, push a policy and see if the pinging stops for awhile.

Normally the firewall external interface is caused by Hide NAT. If this is a proxy ARP issue the pinging should not stop.

Ray
Reply With Quote