Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
This subforum is now locked. Please post TelstraClear topics in the Vodafone forum. You can find more information here.




BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

Topic # 114680 27-Feb-2013 12:38 Send private message

I have been using a SSTP connection to our Geekzone servers lately and noticed that it works really well over mobile data (Telecom 3G and LTE, 2degrees 3G) with SSTP connection staying up for hours.

On TelstraClear cable the same connection with the same target server gets disconnected every couple of minutes, as soon as traffic starts.

Any ideas? Any way to trace this? 




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2


BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771104 27-Feb-2013 15:30 Send private message

I spent most of this morning connected to Telecom LTE in town and had no problem accesing the SSTP VPN server, with no disconnections.

Back at home on TelstraClear cable and the SSTP VPN connection drops as soon as any traffic goes through it. I have connected directly to the modem to rule out a router configuration problem, but still the same.





308 posts

Ultimate Geek
+1 received by user: 49


  Reply # 771109 27-Feb-2013 15:37 Send private message

Have you tcpdumped/wiresharked both ends, and observed the disconnect?



BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771111 27-Feb-2013 15:38 Send private message

Nope.




308 posts

Ultimate Geek
+1 received by user: 49


  Reply # 771115 27-Feb-2013 15:46 Send private message

Try it, then.  You can filter all the crap in wireshark down by specifying just the IP of the SSTP server.  You want to look at what's sent/recieved around the time of the disconnect, in particular if there are packets sent at one end that don't show up at the other.



BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771121 27-Feb-2013 15:53 Send private message

Ok, ran Wireshark on my side and got this so far (click for larger version):





466 posts

Ultimate Geek
+1 received by user: 39


  Reply # 771126 27-Feb-2013 16:06 Send private message

Are you seeing any events in the event log on the server/client ends around the time of the disconnects? Is it possible to test SSTP over a different port (other than 80/443) to rule out any transparent proxy weirdness?



BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771129 27-Feb-2013 16:12 Send private message

No error in either machine. Client shows RASMAN entry:

"CoID={385424BA-71C7-457E-B9D2-8A5FCDFA4EC8}: The connection to VPN Connection to Geekzone Servers made by user Administrator using device VPN0-1 was disconnected."

Which is expected, and nothing on the server side.

Can't test on another port because the idea is to use SSTP which goes over port 443 and wouldn't require changes in the server side hardware firewall.







58 posts

Master Geek
+1 received by user: 3


  Reply # 771132 27-Feb-2013 16:19 Send private message

The wireshark screen shot shows no traffic going the other way, ( ie from 202.175.128.168) very odd



BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771133 27-Feb-2013 16:22 Send private message

Probably because it was filtered one way only... There was certainly some traffic - ping /t running in the background and that was fine, until I fired up a SQL Studio session and tried a query and that instantly got the session terminated (and no it's not when using SQL Studio only, it happens sometimes browsing the server or a shared folder).




308 posts

Ultimate Geek
+1 received by user: 49


  Reply # 771452 28-Feb-2013 09:09 Send private message

freitasm: Ok, ran Wireshark on my side and got this so far (click for larger version):



Loads of retransmitted TCP... nothing coming back.  Either the packets aren't making the way to the other side, OR the replies aren't making their way back.  The only way you can determine which it is, is by wiresharking the other end.

Other question: can you post a screenshot scrolling up, showing the last few packets coming from 202.175.128.168.

Also have you tried doing this with a different router at the client end, or bypassing the router entirely and plugging your PC into the cable modem?



BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771454 28-Feb-2013 09:10 Send private message

The other end is the Datacom datacenter. SSTP works fine on any other network connecting to the server but TelstraClear. Yes, tried with my laptop connected directly to the cable modem...

The screnshot show one direction only because it's filtered...

I will get another trace from both sides later.




308 posts

Ultimate Geek
+1 received by user: 49


  Reply # 771466 28-Feb-2013 09:20 Send private message

freitasm: The other end is the Datacom datacenter. SSTP works fine on any other network connecting to the server but TelstraClear. Yes, tried with my laptop connected directly to the cable modem...

The screnshot show one direction only because it's filtered...

I will get another trace from both sides later.


Can you give us a screenshot showing both directions (maybe filter based on host and port)?



BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771477 28-Feb-2013 09:29 Send private message







BDFL
49499 posts

Uber Geek
+1 received by user: 4361

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771602 28-Feb-2013 11:29 Send private message

These are two traces collected from both sides:

Client side
Server side

Can't see anything strange here...






29 posts

Geek


  Reply # 771659 28-Feb-2013 12:50 Send private message

It looks as though your server has stopped sending ACK packets to the client. This leads to the client resetting the connection due to an assumed transmission failure.

You may want to check that the sequence numbers of packets sent by the client match those received by the server, and there are no missing numbers in the sequence.

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Orcon Global Mode launched
Created by freitasm, last reply by FlameBeard on 27-Aug-2014 23:27 (91 replies)
Pages... 5 6 7


Advice on Residential Fence replacement and neighbour
Created by networkn, last reply by nickrout on 27-Aug-2014 19:45 (26 replies)
Pages... 2


What would show if the net went down?
Created by gnfb, last reply by gnfb on 27-Aug-2014 23:33 (25 replies)
Pages... 2


Moving to Auckland - advise & recommendation
Created by nakedmolerat, last reply by nakedmolerat on 26-Aug-2014 22:48 (47 replies)
Pages... 2 3 4


Vodafone TV multicast settings on pfSense?
Created by kenkeniff, last reply by kenkeniff on 27-Aug-2014 10:32 (182 replies)
Pages... 11 12 13


XtraHost - Closing
Created by achieveit, last reply by quickymart on 27-Aug-2014 18:57 (19 replies)
Pages... 2


Slingshots Front Up! Are applauding or sceptical?
Created by gnfb, last reply by gnfb on 26-Aug-2014 21:49 (19 replies)
Pages... 2


Another Gaming computer help question
Created by Lyderies, last reply by timmmay on 26-Aug-2014 18:06 (38 replies)
Pages... 2 3



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.