Hey everyone,
I've been dealing with a strange networking problem since we replaced a client's switches a few weeks ago. They previously had two Cisco SG300-52P switches and some D-Link routers as access points. When one switch failed, we temporarily replaced it, and the client preferred to switch to Unifi gear. We installed two 24-port Unifi switches but later realized this wasn't enough, so we kept one SG300 as a core switch for non-PoE devices.
Now, at least once a week, their PCs lose Internet connectivity. I can access the servers just fine, and I can ping most devices, including the Unifi switches and workstations. However, at least one of the Unifi APs often goes offline in the control panel, and if left alone, both APs and switches eventually show as offline, even though the switches remain pingable. The servers connected to the SG300 always have full Internet access, likely because that's where their firewall (USG) is connected.
The PCs are still pingable but can't access the Internet via a web browser or RDP, even though they can ping the firewall and the Internet. It feels like TCP traffic is being blocked somehow.
Rebooting the SG300 seems to temporarily fix the issue, but the logs show no errors. I'm wondering if the issue relates to how we connected the two Unifi switches (SFP+) and the lack of adapters since they're currently connected via 1G ports.
I'd really appreciate any insights on what to check next! Thanks! 🙂
5 Answers
Given the situation, it might be worth seriously considering replacing the Cisco switch. With one already failed, the second could be on its last legs too. I know you only see drops occasionally, but that often signals failing hardware. Going all-in on Unifi might save you from future headaches, especially since they can be tricky with mixed vendors. Plus, their support might help if issues persist after replacing the Cisco.
So you're saying the Unifi switches are configured in a loop? That's a potential issue. The SG300 connects to Unifi SW1, which leads to SW2, and then back to SG300? Make sure STP is correctly blocking any ports to prevent loops from causing further problems.
Yep, that's how it's set up. I noticed that one of the switch ports connecting to the other switch is indeed blocked by STP, which I thought was expected in this setup.
First off, have you checked the logs on both the SG300 and the Unifi switches? Any error messages can give clues. Also, how's your Spanning Tree Protocol (STP) set up? Sometimes misconfigurations there can lead to traffic loss.
I checked and there are no errors in either the SG300 or Unifi logs. STP is configured for RSTP on both switches.
Have they tried accessing the Internet using the IP addresses of the sites directly? This could help confirm if it's a DNS issue or something deeper.
Yes, they tried that initially, and unfortunately, they still couldn't connect, which ruled out a simple DNS problem.
Next time the issue arises, consider running Wireshark on the servers to monitor traffic. Also, take a good look at the routing and ARP tables on your switches. You might uncover discrepancies like duplicate IPs that could be causing this chaos.
I’ve been leaning towards that idea too. We even have a spare 24-port non-PoE Unifi switch we could try out first. Plus, it would be much easier to manage just from the control panel.
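One of the answers above suggests comparing ARP tables to look for duplicate IPs. As an added example that is not part of the original thread, the script below takes neighbor tables saved from several machines (Linux `ip neigh` or Windows `arp -a` text) and reports any IPv4 address that resolves to more than one MAC. The host names, addresses and sample tables are constructed for illustration.

```python
import re
from collections import defaultdict

IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
MAC_RE = re.compile(r"\b([0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5})\b")

# Constructed sample captures (not taken from the thread).
SAMPLE_TABLES = {
    "server-a": """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:01 REACHABLE
192.168.1.50 dev eth0 lladdr 00:11:22:33:44:50 STALE
192.168.1.60 dev eth0  FAILED
""",
    "server-b": """\
Interface: 192.168.1.11 --- 0x4
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-01     dynamic
  192.168.1.50          00-11-22-33-44-99     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
""",
}

def parse_neighbors(text):
    """Yield (ip, mac) pairs from `ip neigh` or `arp -a` style output."""
    for line in text.splitlines():
        ip, mac = IP_RE.search(line), MAC_RE.search(line)
        if not (ip and mac):
            continue  # headers, FAILED/INCOMPLETE entries with no MAC
        mac_norm = mac.group(1).lower().replace("-", ":")
        if int(mac_norm[:2], 16) & 1:
            continue  # broadcast/multicast MACs are not host conflicts
        yield ip.group(1), mac_norm

def find_ip_conflicts(tables):
    """Return {ip: {mac: [hosts that saw it]}} for IPs seen with >1 MAC."""
    seen = defaultdict(lambda: defaultdict(list))
    for host, text in tables.items():
        for ip, mac in parse_neighbors(text):
            seen[ip][mac].append(host)
    return {ip: dict(macs) for ip, macs in seen.items() if len(macs) > 1}

if __name__ == "__main__":
    for ip, macs in find_ip_conflicts(SAMPLE_TABLES).items():
        print(f"{ip} is claimed by {len(macs)} MACs:")
        for mac, hosts in macs.items():
            print(f"  {mac} (seen from {', '.join(hosts)})")
```

An IP that maps to different MACs on different hosts is not always a fault (gateway redundancy or NIC failover can cause it), so check each hit against the known device inventory.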