Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




71 posts

Master Geek
+1 received by user: 18


Topic # 201693 30-Aug-2016 10:05
Send private message

I'm not even sure which forum to post this in!

 

I have a VPN connection to my workplace. I suffer from frequent early VPN disconnects but occasionally it works normally.

 

a. The workplace is connected to Lightwire. I am on Spark fibre unlimited 200/20 which is fantastic for normal Internet use.

 

b. I have a Linksys EA8500 router and use ethernet (not wireless) to connect my PC to my home network. VPN passthrough is turned on. This is my second Router: I had exactly the same problem when I used a NetComm NF8AC.

 

c. My PC uses Windows 7 64-bit and I have Norton Internet Security installed.

 

My VPN dialler apears to be set up correctly. I can very briefly connect to the work network but it almost always disconnects after 30-60 seconds. During that window I have normal connectivity with the servers at work and can ping them. Then the connection drops but the PC shows it is still connected, but pings time out.

 

However by doing nothing different periodically for 2-3 days I get normal stable connectivity and can work remotely, but after a couple of days it fails again at 30-60 seconds.

 

1. At the time of the disconnect after showing a series of "success" messages Windows  Event Viewer lists an RAS Error:

 

2. Event ID 20226 "The user ***** dialed a connection named ***VPN Connection which has terminated. The reason code returned on termination is 631."  -code 631 says "the port was disconnected by the user".

 

3. I  set up a VPN dialup from my Windows 10 laptop which connects but then immediately disconnects (same RAS Even messages) but does a stable connection over 3G. My laptop does not have Norton Installed, instead using Windows Firewall.

 

In summary two PC's on my home network with different operating systems and different firewalls are having the same problem of VPN disconnections, and it occurs with two different routers. I can connect via Vodafone 3G which suggests it is not a problem at the workplace or their ISP (Lightwire).

 

 

 

So where should I go from here?

 

 

 

 

 

 


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
2463 posts

Uber Geek
+1 received by user: 735

Trusted
Lifetime subscriber

  Reply # 1619512 30-Aug-2016 10:14
2 people support this post
Send private message

I was thinking at first that it might be a CG-NAT issue on your home broadband, but that would not allow it to work at all.

 

Turn off the VPN pass-through in the router.  I'm fairly sure this is for incoming VPN connections (i.e. a VPN server on your LAN).  I'm leaning toward it being an issue with your home router.  I did see you are on a second router with the same issue.  Perhaps a firmware upgrade?

 

If one of your computers is a laptop, I would take it to a couple of friends places and try on their broadband to see if it makes a difference.





"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams



71 posts

Master Geek
+1 received by user: 18


  Reply # 1619517 30-Aug-2016 10:21
Send private message

When I untick the boxes in the Linksys setup and turn off VPN bypass there is no VPN connectivity at all. When I turn it back on again I get the brief connection. I think this opens the 1723 port for PPTP.

 

I had the problem on the NetComm router within a day of the VPN being set up so after a week of grief I bought the Linksys router but then it had the same problem!


 
 
 
 


xpd

Chief Trash Bandit
9138 posts

Uber Geek
+1 received by user: 1436

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 1619519 30-Aug-2016 10:30
Send private message

Turn off firewalls on your system, and see if any better.





XPD / Gavin / DemiseNZ

 

Server : i3-3240 @ 3.40GHz  16GB RAM  Win 10 Pro    Workstation : i5-xxxx @ x.xxGHz  16GB RAM  Win 10 pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, geeks, and more.    


1432 posts

Uber Geek
+1 received by user: 375


  Reply # 1619534 30-Aug-2016 10:51
One person supports this post
Send private message

What VPN client are you using?

 

I wonder if it could be an MTU issue.

 

See troubleshooting here for some ideas/tips




71 posts

Master Geek
+1 received by user: 18


  Reply # 1619638 30-Aug-2016 13:04
Send private message

Standard Windows 7 VPN client. I thought about MTU currently on auto in the router. I used TCP optimizer and changed it to 1492 but it made no difference. Also would not explain why sometimes it will work for 2-3 days.
I'm wondering now about possible Spark filtering perhaps trying to stop VPN access used for geo unblocking (but mine is a corporate VPN used to view medical Xrays).

1432 posts

Uber Geek
+1 received by user: 375


  Reply # 1619647 30-Aug-2016 13:20
Send private message

Nah, we use VPN's over Spark VDSL & fibre connections no problem.

 

I'm not sure 1492 is low enough for effective troubleshooting. Try going down to 1300 on the network adapter, and try again.


5281 posts

Uber Geek
+1 received by user: 2142


  Reply # 1619680 30-Aug-2016 14:00
Send private message

I have the same issues with Spark UFB at home.  I had it with ADSL, have it with 'UF' B.

 

Two different routers, three different computers (all hardwired to router).

 

Same issue.  made worse by use of a code generator app.  The codes often expires before the authentication process completes.





Mike

2473 posts

Uber Geek
+1 received by user: 883

Trusted
Lifetime subscriber

  Reply # 1620018 31-Aug-2016 07:00
Send private message

I have no problems with my work IPSEC and numerous OpenVPN tunnels I run from home. Longest was 3 months before I had to reboot my VPS.
L2TP and PPTP can have issues as many modern routers support them in the router itself. I can guarantee that the issue will be with your router doing something it shouldn't be doing.
I would chat with your works IT department and ask if they have any other VPN concentrators you can test with.







71 posts

Master Geek
+1 received by user: 18


  Reply # 1620567 1-Sep-2016 07:54
Send private message

Reply to AmigaOS: Turning off the firewalls (Norton in the PC and the Router firewall) makes no difference. I even put it in the DMZ and it made no difference. VPN still fails within 30 seconds.

 

Reply to Dairyxox: You are the only poster so far who reports success using VPN over Spark fibre to a workplace.  Can I ask what setup works, specifically which router brand and model can successfully sustain a VPN connection in your situation? And are we talking PPTP which is the protocol our company uses and which works for other remote access staff?

 

 

 

If anyone else has a reliable corporate VPN over Spark fibre can I also ask what router you are using?


1432 posts

Uber Geek
+1 received by user: 375


  Reply # 1620622 1-Sep-2016 08:43
Send private message

I'm using the old Cisco VPN client which uses L2TP/IPsec. 

 

The router is the standard Spark supplied Huawei HG659b, but I've also had success with TP-Link routers.


349 posts

Ultimate Geek
+1 received by user: 84


  Reply # 1621705 2-Sep-2016 22:27
Send private message

Dairyxox:

 

Nah, we use VPN's over Spark VDSL & fibre connections no problem.

 

I'm not sure 1492 is low enough for effective troubleshooting. Try going down to 1300 on the network adapter, and try again.

 

 

 

 

^ as above. 1492 is not low enough for PPPoE/PPPoA. Try 1452/or 1420/or 1308.




71 posts

Master Geek
+1 received by user: 18


  Reply # 1621735 2-Sep-2016 23:56
Send private message

OK, I tried 1300 and it caused streaming buffering on Lightbox for some reason which resolved when I put it back to Auto.

 

 

 

However due to the efforts of our company IT guy we have discovered something:

 

The VPN stays connected if there is no other major network traffic. As soon as another PC on my home network does something (like plugging in an Ethernet cable or startup or logging in to Skype or streaming i.e. doing something that creates a burst of network traffic) the VPN drops. After the drop I can reconnect and continue working.

 

It does not matter if they device causing the data burst is on an Ethernet or a WiFi connection.

 

It is a Gigabit network with Cat 6 cable (less than a year old) and a TP-Link Gigabit 24 port switch and a Linksys EA8500 router so there is lots of headroom and the network does not run slowly at all.

 

Any ideas?

 

I plan to trial another switch (since I am already on my second router) to see what happens.


187 posts

Master Geek
+1 received by user: 10

Trusted

  Reply # 1621780 3-Sep-2016 07:46
Send private message

can you create a guest lan on the router and only run your comptuter with the vpn issues on it.





Anything I suggest or say is my own thoughts and not provided by anyone else unless stated

2473 posts

Uber Geek
+1 received by user: 883

Trusted
Lifetime subscriber

  Reply # 1621901 3-Sep-2016 13:14
Send private message

davisg:

 

OK, I tried 1300 and it caused streaming buffering on Lightbox for some reason which resolved when I put it back to Auto.

 

 

Don't mess with the router MTU, it's only going to break things. Perhaps you can chance the MTU of the VPN Client. But you shouldn't touch the router MTU.

 

davisg:

 

However due to the efforts of our company IT guy we have discovered something:

 

The VPN stays connected if there is no other major network traffic. As soon as another PC on my home network does something (like plugging in an Ethernet cable or startup or logging in to Skype or streaming i.e. doing something that creates a burst of network traffic) the VPN drops. After the drop I can reconnect and continue working.

 

It does not matter if they device causing the data burst is on an Ethernet or a WiFi connection.

 

It is a Gigabit network with Cat 6 cable (less than a year old) and a TP-Link Gigabit 24 port switch and a Linksys EA8500 router so there is lots of headroom and the network does not run slowly at all.

 

Any ideas?

 

I plan to trial another switch (since I am already on my second router) to see what happens.

 

 

You shouldn't flick between Wifi and wired connections that would have two separate IP Addresses as they are different network cards. This would definitely drop your VPN tunnel so don't do that. I would recommend having a wired connection.

 

If you're not having any joy you could try setting "DMZ" Mode so all internet traffic is routed to your PC. This is not recommended unless you have disabled all services such as drive mappings and terminal server since otherwise you will immediately get people trying to hack your computer.

 

I use the following on a number of my windows devices without an issue.

 

1) Very old Cisco ASA IPSec and even older Cisco 1721 running IOS VPN connecting from a very old version of the Cisco VPN IPSec client circa 2010 over UDP 500 and random UDP port.

 

2) Newer Cisco ASA SSL-VPN connecting from Cisco Anyconnect VPN Client over TCP.

 

3) OpenVPN server running on Linux VPS connecting from the OpenVPN Windows client over TCP. This is a bit more of a process to get working but does work.

 

 

 

I think it's something wrong with either your PC or the VPN Client / Server you are using. IPSec VPNs or OpenVPN just always manages to navigate through NAT firewalls. PPTP, L2TP & GRE can be somewhat problematic as the Spark supplied HG659 and similar routers have VPN clients built into them that do funny things. L2TP especially I have never manged to get a reliable connection but that's due to the nature of how L2TP works and if you have multiple clients sitting behing the NAT.






349 posts

Ultimate Geek
+1 received by user: 84


  Reply # 1621915 3-Sep-2016 14:19
Send private message

BarTender:

 

davisg:

 

OK, I tried 1300 and it caused streaming buffering on Lightbox for some reason which resolved when I put it back to Auto.

 

 

Don't mess with the router MTU, it's only going to break things. Perhaps you can chance the MTU of the VPN Client. But you shouldn't touch the router MTU.

 

 

 

 

 

 

Why do you think that?


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.