Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
This subforum is now locked. Please post TelstraClear topics in the Vodafone forum. You can find more information here.




BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

Topic # 114680 27-Feb-2013 12:38 Send private message

I have been using a SSTP connection to our Geekzone servers lately and noticed that it works really well over mobile data (Telecom 3G and LTE, 2degrees 3G) with SSTP connection staying up for hours.

On TelstraClear cable the same connection with the same target server gets disconnected every couple of minutes, as soon as traffic starts.

Any ideas? Any way to trace this? 




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2


BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771104 27-Feb-2013 15:30 Send private message

I spent most of this morning connected to Telecom LTE in town and had no problem accesing the SSTP VPN server, with no disconnections.

Back at home on TelstraClear cable and the SSTP VPN connection drops as soon as any traffic goes through it. I have connected directly to the modem to rule out a router configuration problem, but still the same.





326 posts

Ultimate Geek
+1 received by user: 51


  Reply # 771109 27-Feb-2013 15:37 Send private message

Have you tcpdumped/wiresharked both ends, and observed the disconnect?



BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771111 27-Feb-2013 15:38 Send private message

Nope.




326 posts

Ultimate Geek
+1 received by user: 51


  Reply # 771115 27-Feb-2013 15:46 Send private message

Try it, then.  You can filter all the crap in wireshark down by specifying just the IP of the SSTP server.  You want to look at what's sent/recieved around the time of the disconnect, in particular if there are packets sent at one end that don't show up at the other.



BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771121 27-Feb-2013 15:53 Send private message

Ok, ran Wireshark on my side and got this so far (click for larger version):





468 posts

Ultimate Geek
+1 received by user: 39


  Reply # 771126 27-Feb-2013 16:06 Send private message

Are you seeing any events in the event log on the server/client ends around the time of the disconnects? Is it possible to test SSTP over a different port (other than 80/443) to rule out any transparent proxy weirdness?



BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771129 27-Feb-2013 16:12 Send private message

No error in either machine. Client shows RASMAN entry:

"CoID={385424BA-71C7-457E-B9D2-8A5FCDFA4EC8}: The connection to VPN Connection to Geekzone Servers made by user Administrator using device VPN0-1 was disconnected."

Which is expected, and nothing on the server side.

Can't test on another port because the idea is to use SSTP which goes over port 443 and wouldn't require changes in the server side hardware firewall.







65 posts

Master Geek
+1 received by user: 3


  Reply # 771132 27-Feb-2013 16:19 Send private message

The wireshark screen shot shows no traffic going the other way, ( ie from 202.175.128.168) very odd



BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771133 27-Feb-2013 16:22 Send private message

Probably because it was filtered one way only... There was certainly some traffic - ping /t running in the background and that was fine, until I fired up a SQL Studio session and tried a query and that instantly got the session terminated (and no it's not when using SQL Studio only, it happens sometimes browsing the server or a shared folder).




326 posts

Ultimate Geek
+1 received by user: 51


  Reply # 771452 28-Feb-2013 09:09 Send private message

freitasm: Ok, ran Wireshark on my side and got this so far (click for larger version):



Loads of retransmitted TCP... nothing coming back.  Either the packets aren't making the way to the other side, OR the replies aren't making their way back.  The only way you can determine which it is, is by wiresharking the other end.

Other question: can you post a screenshot scrolling up, showing the last few packets coming from 202.175.128.168.

Also have you tried doing this with a different router at the client end, or bypassing the router entirely and plugging your PC into the cable modem?



BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771454 28-Feb-2013 09:10 Send private message

The other end is the Datacom datacenter. SSTP works fine on any other network connecting to the server but TelstraClear. Yes, tried with my laptop connected directly to the cable modem...

The screnshot show one direction only because it's filtered...

I will get another trace from both sides later.




326 posts

Ultimate Geek
+1 received by user: 51


  Reply # 771466 28-Feb-2013 09:20 Send private message

freitasm: The other end is the Datacom datacenter. SSTP works fine on any other network connecting to the server but TelstraClear. Yes, tried with my laptop connected directly to the cable modem...

The screnshot show one direction only because it's filtered...

I will get another trace from both sides later.


Can you give us a screenshot showing both directions (maybe filter based on host and port)?



BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771477 28-Feb-2013 09:29 Send private message







BDFL
49617 posts

Uber Geek
+1 received by user: 4460

Administrator
Trusted
Geekzone
Subscriber

  Reply # 771602 28-Feb-2013 11:29 Send private message

These are two traces collected from both sides:

Client side
Server side

Can't see anything strange here...






29 posts

Geek


  Reply # 771659 28-Feb-2013 12:50 Send private message

It looks as though your server has stopped sending ACK packets to the client. This leads to the client resetting the connection due to an assumed transmission failure.

You may want to check that the sequence numbers of packets sent by the client match those received by the server, and there are no missing numbers in the sequence.

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Moment of Truth?
Created by BarTender, last reply by KiwiNZ on 18-Sep-2014 21:10 (360 replies)
Pages... 22 23 24


IOS8 - Network Load
Created by FireEngine, last reply by joker97 on 18-Sep-2014 19:43 (36 replies)
Pages... 2 3


10 Iphone 128gb 6+ iphones this weekend at auckland airport
Created by frysie, last reply by TimA on 17-Sep-2014 22:02 (36 replies)
Pages... 2 3


Mr. Key to extradite Kim Dotcom?
Created by TimA, last reply by SaltyNZ on 18-Sep-2014 09:20 (126 replies)
Pages... 7 8 9


Spark DNS Issues - Amazing - Broadband Service Alert
Created by PeteS, last reply by Demeter on 15-Sep-2014 14:13 (307 replies)
Pages... 19 20 21


New On Account mobile plans - Red+
Created by NikT, last reply by paulspain on 18-Sep-2014 21:39 (18 replies)
Pages... 2


Bizarre Policy on plan change
Created by toejam316, last reply by FireEngine on 18-Sep-2014 20:22 (17 replies)
Pages... 2


2014 Holden SS (V8) or Ford XR6-T (in-line 6 turbo)
Created by joker97, last reply by ilovemusic on 16-Sep-2014 14:34 (71 replies)
Pages... 3 4 5



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.