Network Dropouts - VLan to VLan
Having an issue and looking for some ideas from the community.
Our old network layout was simply.
Subnet A 10.1.1.0/24 VLAN 10
Subnet B 10.1.2.0/24 VLAN 20
On a Layer 2 switch with routing capability.
Both networks could interact without issues routing through the gateway IP's on the switch.
We ran this particular setup for over 10 years without issue.
Now we have restructured the network and removed the L2 switch and put a Watchguard M570 in the middle.
The new setup is as follows.
Subnet A 10.1.1.0/24 - Trusted - Interface 1
Subnet B 10.1.2.0/24 VLAN 20 - Trusted - Interface 4
Interface 1 is connected to server backend switches and Interface 4 is connected to a client network.
Very basic very open firewall rule allowing Subnet B and Subnet A to communicate via the Watchguard, Firewall definition is ANY so it literally doesn't block a thing.
Now I have a PBX sitting on Subnet A 10.1.1.230 for example and VOIP phones sitting on Subnet B.
In the old scenario I would have no problems with the network configured this way as the L2 switch wasn't influencing anything.
But in the new scenario I have mentioned above I have what seems like random dropouts on random handsets. My own desk phone I will see drop out anywhere from 6 - 30 times per day.
I have attempted to diagnose the fault the following ways.
- Replaced ethernet cable on a known problem handset.
- Tried patching the handset into 3 different switches on Subnet B
- Installed a POE injector on a known problem handset to rule out any POE power delivery issues.
- Through port mirroring ran Wireshark on the phone to see if i could figure out what was happening. Traffic just stops, phone reboots and then traffic resumes as normal.
The only place I can think of now is the Watchguard itself and potentially it closing TCP or UDP ports down it thinks are stale ?
Any ideas from the community would help greatly!
Switches are Ubiquiti Unifi series with latest firmware (have turned off STP and RSTP to see if it helped)
Watchguard is a M570 with firmware 12.6.2.B628197