Our network consists of 2 locations...LAN1 on 10.104.0.0/22 and 10.103.0.0/22 on LAN2. At each end, we have an FVX538v2 connected via MPLS with routes pointing to the MPLS router for any traffic destined for the opposite LAN.
During routine maintenance, I decided to update the LAN2 FVX538 to the latest firmware (3.0.6-29) and all of a sudden, Lan1 cannot communicate properly with Lan2. However, Lan2 can still access resources in Lan1. I decided then to update the Lan1 side to latest version and now neither side can communicate.
I have followed firmware update procedures mentioned by jmizoguchi and adit...uploaded firmware minimum 2 times on each firewall and each time reset to defaults twice after each upgrade. All configs have been manually entered after reset. I have even done hard resets by holding in reset button and powering down the device.
Tracerts are showing the traffic is routed from FVX538 to the MPLS router, but it times out once it reaches the other side.
Activating the gateway-to-gateway VPN allows both sides to communicate. Manually entering a route into the route tables using the MPLS router as a gateway also allows communication. So it appears to be related to routing.
My suspicions were that it's firmware related, so to verify, I downgraded LAN2 to 3.0.6-25 and now, I have a one way communication. Lan1 can ping Lan2 but not vice versa...exact opposite of the initial scenario.
Is this bugged firmware or some sort of misconfiguration on my part? Has anyone else tried the 3.0.6-29 firmware?
my guess is if both end is reverted with the firmware it should work.
if does, you will need to contact support to report this issues. also email me directly on this so that I can send off to L3 directly and put some reports with it
Is the router in Classical Routing mode or NAT?
If you are using NAT it will be one way communication.
In my case the router is in NAT mode and I presume the op's routers are too.
However, this routing apllies only to LAN-Interface of the router, so why would there be NAT involved and why did it work up to 3.0.6-25?
Is one firmware ver works but no others and you dis hard reset the router and manually configure the router still show the same issues, contact support at my.Netgear.com
Can you diagram the setup including all LAN interface IP's? List all interface static routes.
Are you running RIP?
Since the traffic is making it to one of the MPLS routers is it making it through to the other MPLS router?
Sorry to dig up an old thread, but I am am also having routing issues with Multi-homed subnets too. I am currently on FVX538v2 3.0.7-24 f/w.
I have my primary IP subnet (172.16.0.75/21) working well, and have added a multi-homed subnet (172.16.8.1 / 21). I can staticly assign an IP address, to both subnets and can ping the gateways from either subnet, but cannot contact any other device on the other subnet...this might explain it better...
Subnet 1: Gateway : 172.16.0.75 /21
Subnet 2: (multi-homed) Gateway : 172.16.8.1 /21
A device on subnet 1 (172.16.0.2 /21 for example) can ping 172.16.0.75 (the gateway of its own subnet) and 172.16.8.1 (the gateway of the multi-homed subnet), but cannot ping any other device on subnet 2, nor vice versa.
I would imagine that the routing table is automatically configured, and it appears that it is...
LAN / 172.16.0.0 / 255.255.248.0 / 0.0.0.0 / 0 LAN / 172.16.0.0 / 255.255.248.0 / 172.16.0.75 / 1 LAN / 172.16.8.0 / 255.255.248.0 / 0.0.0.0 / 0 LAN / 172.16.8.0 / 255.255.248.0 /172.16.8.1 / 1 LAN / default / 0.0.0.0 / 172.16.0.76 / 2
As previously mentioned in other posts, routing should just happen on establishment of the multi-homed subnet, but in our case it is not. Is this a bug in the FW?
