Some things you can look into:
ip route 192.168.5.0 255.255.255.0 10.10.1.124
Is that the firewall interface is 10.10.1.122, or is it 10.10.1.124?
10.10.1.122 is a host address in the 10.10.1.120/30 subnet.
10.10.1.124 is a /30 network. Either way, you're dealing with two
different subnets. Oddly, it's working sometimes.
At the very begining all system works fine. After sometime they said they could not acces their email/web/dns
server from host outside their company's network... We restart ( shut; noshut) the fastethernet interface on Catalyst4006,
and then servers' network access recovered.
Sounds suspiciously like an IP conflict or some MAC weirdness with the
firewall's or 4006's IP. Is the connection between the 4006 and the
customer's firewall a basic crossover, or does the customer have a
hub/switch on their side? Assuming the subnetting statement I've made
above is based on erroneous info, check your arp cache/mac table when
it *is* working. Write down the MAC for the customer's firewall. When
it stops working, check the arp cache/mac table again. Compare the
MACs to be sure they're the same. Just for giggles, clear the arp
cache and see if that fixes it. If that doesn't, clear the entry from
the cam table.