Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6497
Views
0
Helpful
9
Replies

RV042 Connection Refused - Policy violation

rmersh1965
Level 1
Level 1

‎03-25-2011 12:49 PM

Hello,

This my first post and any assistance is greatly  appreciated!

We have been seeing really slow web browsing  as of late with the text "looking up" lingering in the status bar of the  browser (Firefox on Mac).

The Incoming Log Table is loaded with  log entries like the following:


Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1

Mar 25 13:52:00 2011 Connection Refused - Policy violation TCP xxx.xxx.xxx.xxx:6000->yy.yy.yyy.yy:1433 on ixp1


where yy.yy.yyy.yy is the static IP we provisioned from Comcast.

I should mention that there are log entries with varying source and destination ports, not just the ones shown above.  We're seeing 6000->1433, 995->52612, 110->52613, 448->9883.


We have Comcast HSI through an SMC SMCD3G-CCR gateway connected to a  Cisco RV042 V1.2 router, which is then connected to a Netgear GS716T  switch.  Off the switch we have several computers and 4 network disk  servers.

Up until recently we have been running VPN through the  RV042 to access the disks remotely and successfully, but it now runs  incredibly slow; the onset of which seems to coincide with the  deteriorating in-office browser performance.

I'm pretty sure the  issue is not Comcast; speed test from just a few minutes ago showed  65.41 Mbps download and 5.83 Mbps upload, which is great, especially for  their Starter service.  I had Comcast in last week to check the line  anyway and they found no issues.

When I connect a computer  directly to the SMCD3G, browser performance is blistering fast.   Connecting a computer directly to the RV042, performance goes down as it  does through the switch and this is why I think the issue is with the  RV042.  I've tried disabling SPI and DoS with no change in performance.

We've  had Comcast for a few months now.  Previously we had AT&T DSL and  never saw issues like this.

Any ideas are greatly appreciated.

Thanks  so much!!

-ric.

Labels:
0 Helpful
9 Replies 9

mpyhala
Level 7
Level 7

‎03-25-2011 04:32 PM

Hi Ric,

Thank you for posting and welcome! I didn't see anything in your post about the firmware version on the router. If you haven't already, please update to version 1.3.12.19-tm. We always recommend that you factory reset the device after a firmware update and manually reconfigure it. While not common, sometimes the configuration file can become corrupted either over time or during a firmware update. Also, reconfiguring the router eliminates the possibity that there has been some configuration error.

Please reply and let us know if this helps resolve the issue. If it doesn't we can pursue other options.

0 Helpful

rmersh1965
Level 1
Level 1
In response to mpyhala

‎03-25-2011 05:11 PM

Thanks for the reply mpyhala.  The firmware is the latest: version 1.3.12.19-tm.

Would doing a factory reset and reloading the configuration file be worth a try, or go straight to a manual reconfiguration?  Is there any way to save all the settings to a (human) readable file to make the reconfig a little easier?

Thanks again mpyhala!

-ric.

0 Helpful

mpyhala
Level 7
Level 7
In response to rmersh1965

‎03-25-2011 05:35 PM

Ric,

It is certainly worth trying to reload the same config after a factory reset. You may find that simply resetting the device fixes the issue. Most of the time I think that the config file itself is the issue. After reconfiguring the router it is always a good idea to back up the "fresh" config file for future use and to recover from disasters.

You can rename the config file xxx.txt and you will see that it is mostly in English but not really readable. I recommend taking screenshots of the current config pages and using them for guidance.

0 Helpful

rmersh1965
Level 1
Level 1
In response to mpyhala

‎03-28-2011 02:48 PM

Hello mpyhala,

Thanks again for the assistance.

When I reset the router to factory settings (without loading the config file), performance was as I expected.  However, we've purchased from comcast a static IP for VPN, and when I enter that information into the router's setup page for WAN1, performance drops.  I haven't changed any settings after the factory reset except for the WAN1 static IP.

I'm no longer getting the Policy violation messages in the incoming log--with either the static IP or by obtaining the IP automatically; maybe that was a red herring?

I contacted Comcast to confirm the information I had for the static IP and it was correct.  Perhaps I've entered the information wrong?  Would you mind taking a moment to verify what I've done?

Here's the information from Comcast:

Static IP: xx.xx.xxx.97

Subnet Mask: 255.255.255.252

Default Gateway: xx.xx.xxx.98

DNS Server 1: 68.87.68.162

DNS Server 2: 68.87.74.162

And here's the information entered into the Router's setup page:

The blacked out areas are identical for the WAN IP and Default Gateway Address.

Thanks again mpyhala!

-ric.

0 Helpful

mpyhala
Level 7
Level 7
In response to rmersh1965

‎03-28-2011 04:03 PM

Hi Ric,

Thanks for the update! If your static IP information was wrong you wouldn't be able to connect at all. I think we can rule that out. The next thing I would do is go to the WAN settings and change the MTU to "Manual". Leave the value at 1500, reboot the router and test the speed. If that doesn't help, test your MTU and see if you need to lower it. You can find information about how to do that in the following post:

https://supportforums.cisco.com/message/3318881#3318881

Please keep us updated.

0 Helpful

rmersh1965
Level 1
Level 1
In response to mpyhala

‎03-29-2011 02:12 PM

Hello mpyhala,

Thanks for the latest suggestion.  Unfortunately, no improvement.

On a whim, however, I decided to see what happened on a Windows machine (actually running under VMware on a Mac), and performance was as expected--great!  So, it's a Mac OS X issue introduced in a recent update, and after much digging, I've found a fix!

I want to thank you for all of your help, even though it didn't turn out to be a RV042 problem.  I hope I haven't wasted too much of your time.

Warmest regards,

-ric.

0 Helpful

mpyhala
Level 7
Level 7
In response to rmersh1965

‎03-29-2011 05:45 PM

Hi Ric,

Thank you very much for the update. You're welcome and none of my time was wasted. I'm glad you found a fix!

0 Helpful

johnlinthicum
Level 1
Level 1
In response to mpyhala

‎05-18-2012 12:15 PM

Hi Ric,

You mentioned you'd found a fix for an OS X issue resulting in all the refused connections, and not your RV042.

Can you point me in that direction as I'm seeing the same thing?

John

0 Helpful

rmersh1965
Level 1
Level 1
In response to johnlinthicum

‎05-18-2012 08:11 PM

Hi John,

This is going back a while now...I think it was fixed in a subsequent version of OS X.  What version are you running?

-ric.

0 Helpful
Customers Also Viewed These Support Documents