R60-R65 upgrade ssl drop

[kevindri]

I moved server boxes and also upgraded from R60 to R65.

Once a user would connect it could stay connected for anywhere between 5 minutes to 2 hours. All sessions would drop at same time.

Logs didn't show anything.

Old server had 10/100 NIC cards the new one Gigabit network cards.

We made a change to set the Public NIC to 100 MB full duplex to match the router.
We still had the same problem.

SecureClient was able to work.

The new R65 firewall also to had a Connectra CM license - but where going to connect the original way of connecting to gw.ip.address

Has anyone else seen this issue?

[chillyjim]

Haven't seen this one but there there are some changes to SNX in HFA01 (HFA02 is current), it might be worth a quick try if you haven't installed it yet.

[kevindri]

turned out to be bad on-board NIC

[kevindri]

Update:
We tried again after motherboard replace and we had worse issues.

It appeared to be fine in Parallel testing mode, but when thrown into live environment with heavy load and traffic, lots of things did not work and connectivity to servers or the firewall web admin were slow.


We did here from a consultant who helped troubleshoot say that the Broadcom NIC cards have issues and Intell should be used.

Has anyone else experienced this issue?
Dell 1950 Poweredge server or problem with Broadcom NIC's

ready to buy a 4port Intel nic card and hopefully that will be it.


Link to new thrhead in Interoperablity.
R65 + Dell 1950 + Broadcom NIC

[melipla]

I've had good success with Intel Pro 1000s (duals and quads). I've definitely have had issues in the past with cards that are not on the Hardware Compatibility list (NICs), so I highly recommend you use something from that list. I don't see your broadcomm on there so I would not recommend using it.

HTH