Hi Guys, I'm ressurecting this old thread because I'm once again encountering the same problem with this controller. Here is a quick recap on the situation. I'm literally days away from pulling this 620 controller out & replacing it with another.
1) 620 Controller has been in place for several years in a residence. The master is at another residence. Both locations have static IP's. Both are using the same provider.
2) Over the years, periodically, internet connectivity will cease. The provider says that the modem is up & everything looks good however they do NOT see any MAC addresses being learned from the controller, but there is link. Over the years we have rebooted everything countless times. Usually the only way to resolve the issue was to reboot both the modem & controller & clear the arp cache on the modem.
3) We have had the provider's technicians out numerous times to troubleshoot signal & wiring. The modem has literally been replaced 3 times. The controller is running the newest code that it can run & still use AirGroup (6.1.3.4-AirGroup).
4) Approximately 1.5 years ago, on a whim I put a cheap 4-port Netgear switch between the modem & controller. From that point on, the connectivity was rock solid until the residence was remodeled and everything was pulled out. The Netgear was missplaced and I put in a cheap Linksys router/switch instead. Disabled routing, WIFI & firewall functionality. Only functioning as a switch at this point. Still having the same problem.
Here are some config snippets for reference:
interface gigabitethernet 1/8
description "PUBLIC"
trusted
trusted vlan 1-4094
ip access-group "pubprotect-hun" session
spanning-tree portfast
!
interface vlan 1
ip address <STATIC REMOVED> 255.255.255.224
operstate up
description "COX-PUBLIC"
!
interface vlan 41
ip address 192.168.77.7 255.255.255.0
ip nat inside
operstate up
description "PRIVATE-LAN"
!
interface vlan 42
ip address 192.168.42.1 255.255.255.0
no ip routing
ip nat inside
operstate up
description "GUEST-LAN"
!
ip default-gateway <DG REMOVED>
no uplink wired vlan 1
uplink disable
ip route 72.89.131.122 255.255.255.255 ipsec default-local-master-ipsecmap
ip route 192.168.0.0 255.255.255.0 ipsec default-local-master-ipsecmap
ip route 192.168.21.0 255.255.255.0 ipsec default-local-master-ipsecmap
ip route 192.168.31.0 255.255.255.0 ipsec default-local-master-ipsecmap
ip route 192.168.51.0 255.255.255.0 ipsec default-local-master-ipsecmap
!
!
(aructrl-hunt) #show ip route
Codes: C - connected, O - OSPF, R - RIP, S - static
M - mgmt, U - route usable, * - candidate default
Gateway of last resort is Imported from DHCP to network 0.0.0.0 at cost 10
Gateway of last resort is Imported from CELL to network 0.0.0.0 at cost 10
Gateway of last resort is Imported from PPPOE to network 0.0.0.0 at cost 10
Gateway of last resort is <DG REMOVED> to network 0.0.0.0 at cost 1
S* 0.0.0.0/0 [1/0] via <DG REMOVED>*
S 72.89.131.122/32 [1/0] ipsec map default-local-master-ipsecmap
S 192.168.0.0/24 [1/0] ipsec map default-local-master-ipsecmap
S 192.168.21.0/24 [1/0] ipsec map default-local-master-ipsecmap
S 192.168.31.0/24 [1/0] ipsec map default-local-master-ipsecmap
S 192.168.51.0/24 [1/0] ipsec map default-local-master-ipsecmap
C 184.189.107.160 is directly connected, VLAN1
C 192.168.77.0 is directly connected, VLAN41
C 192.168.42.0 is directly connected, VLAN42
C 184.186.213.116 is an ipsec map default-local-master-ipsecmap
!
!
---------------------------------------------
AFTER CLEARING COUNTERS:
!
GE 1/8 is up, line protocol is up
Hardware is Gigabit Ethernet, address is 00:1A:1E:21:E7:B9 (bia 00:1A:1E:21:E7:B9)
Description: PUBLIC (RJ45 Connector)
Encapsulation ARPA, loopback not set
Configured: Duplex ( AUTO ), speed ( AUTO )
Negotiated: Duplex (Full), speed (1000 Mbps)
MTU 1500 bytes, BW is 1000 Mbit
Last clearing of "show interface" counters 0 day 0 hr 0 min 8 sec
link status last changed 0 day 0 hr 17 min 45 sec
33 packets input, 2164 bytes
Received 33 broadcasts, 0 runts, 0 giants, 0 throttles
0 input error bytes, 0 CRC, 0 frame
2 multicast, 0 unicast
12 packets output, 768 bytes
0 output errors bytes, 0 deferred
0 collisions, 0 late collisions, 0 throttles
This port is TRUSTED
I've tried removing the ACL on G1/8, but that makes no difference. It's just a session ACL that allows inbound communication from the other controllers.
So, basically the config hasn't really changed over the years, bu the issue continues to occur. At first I was certain that it was a provider problem, but I'm at the point where I want to throw this controller out the window. Has anyone ran into this before? Any thoughts before I swap out this 620? Thanks in advance!