My company has a HQ office in California and a branch office in North Carolina.

Problem: My NC user's Citrix sessions drop every day at around 8:05. I run PingPlotter on a PC on my LAN. It shows packet loss on the ethernet (inside) interface of my managed AT&T router for typically 30 to 60 seconds whenever the user connections drop. This has been happening for months. I hope the moderator or someone can offer possible reasons why.

More background: Each location has AT&T dedicated T1. Cal and NC have a site-to-site VPN between two SonicWALL firewalls. We run MS Office apps and an order entry app on three Citrix MetaFrame servers at HQ. NC accesses the apps via the VPN using thin client terminals (Wyse Winterms). Every day, NC gets diconnected from their Citrix sessions. This is a time-specific event - usually happening near 8:05 and usually again roughly 15 minutes later. However, disconnects also happen at other times but not on such a predictable basis. Sessions also dropped when we had Sprint T1 in CAL and a BellSouth fractional T1 in NC. So I think the problem is my CAL firewall or something else in my CAL LAN. I capture firewall events to a Syslog. I don't see any events that look like the VPN renegotiating which would be the easiest explanation. I do see a fairly consistent pattern of "Broadcast packet dropped" prior to and after the dropped connections, and also typcially "ICMP packet dropped" around that time. Also occassionaly "ARP timeout" around that time. I also run PingPlotter on a PC outside my firewall and do not see the packet loss.

Any input would be very much appreciated.

PS - not sure how to attach a .png file but will try.