
RV110W VPN Passthrough Stops Working After 20-30 Days

Hello,

We are using a RV110 as a Router and Firewall for a small business.  2 remote workers connect via VPN to the MS Server 2012 VPN Server.  We have enabled VPN passthrough on the Firewall.  After 20-30 days the Firewall will no longer pass the VPN Connections, not able to establish the tunnel.  A reboot fixes this problem immediately and users can connect again.  Can you please advise what steps we can take to prevent a monthly reboot?

Thank you.

Chris


jeffrrod
Level 4

Dear Christopher,

Thank you for reaching Small Business Support Community.

I would first suggest that you make sure you are running the latest firmware release, version 1.2.0.9:

http://software.cisco.com/download/release.html?mdfid=283879340&flowid=26961&softwareid=282487380&release=1.1.0.9&relind=AVAILABLE&rellifecycle=&reltype=latest

Second, I advise you to check whether there are any "by schedule" firewall access rules on the router, and also to double-check the remote access VPN settings on the MS Server.

I'll be looking forward to hearing from you.

Kind regards,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so others will know when an answer has been found.

Jeffrey,

Thanks very much for the reply.   I have done both.   Firmware is 1.2.0.9 loaded in June.  There are no such settings on the MS Server.   I should mention that we had this problem every 24 hours when the router came out of the box and after re-load of firmware, we are only experiencing the problem every 20-30 days.

Additional suggestions most welcome.

Cheers,

Chris

Christopher,

Something else would be to uninstall/reinstall the VPN Client software on those two remote hosts, disable Windows firewall and any on schedule antivirus firewall protection. 

If the problem recurs, we need to focus on several ports that could be being blocked on schedule by your ISP. These ports are 50, 51, 443, 60443, 500 and 4500; they have to be open on both sides, client and router, for the tunnel to establish successfully.

To find out whether these ports are being blocked, we need to perform a port scan. We want to do this directly connected to your ISP modem if possible; if that can't be arranged, then we would have to turn the router's firewall completely off before performing these scans. I suggest you use Nmap, which is free, and install it at a location outside your network. You can then perform a scan of your network and it will tell you with more precision if the ports are being closed. Once it is installed, you can use the following command, with the public IP address as the target:

nmap -sS -sU -p 500 -Pn 71.7.134.80

This will tell you if the ports are being blocked.

Unfortunately, most ISP tier 1 support is adamant in proclaiming that all of the service ports are already open, and they will not hesitate to tell you that all service ports are open, that they do not block any ports, and that the problem is our router. This may be true in a very few instances, but if the port scan results show otherwise, you will need to insist on showing them proof of the port scans and demand to speak to tier 2 support.

If the ports show to be open I then suggest you contact the Small Business Support Center;

Please do not hesitate to reach me back if there is anything else I may assist you with.

Thank you,

Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer

*Please rate the Post so others will know when an answer has been found.

I will do as you suggest tomorrow.   This may be unrelated but today we lost connectivity for a short time in the afternoon and when I checked the logs I found these entries:

2013-08-20 15:27:33 RV110W local2.debug pppd[668]: rcvd [LCP pid=(668) EchoRep id=0x37 magic=0x34c8e7c7]

2013-08-20 15:28:03 RV110W local2.debug pppd[668]: sent [LCP pid=(668) EchoReq id=0x38 magic=0x708af2db]

2013-08-20 15:28:08 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4

2013-08-20 15:28:09 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4

2013-08-20 15:28:11 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4

2013-08-20 15:28:15 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4

2013-08-20 15:28:23 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4

2013-08-20 15:28:33 RV110W local2.debug pppd[668]: sent [LCP pid=(668) EchoReq id=0x39 magic=0x708af2db]

2013-08-20 15:28:39 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4

2013-08-20 15:29:03 RV110W local2.debug pppd[668]: sent [LCP pid=(668) EchoReq id=0x3a magic=0x708af2db]

2013-08-20 15:29:04 RV110W local2.debug pppd[668]: rcvd [LCP pid=(668) EchoRep id=0x3a magic=0x34c8e7c7]

The ERROR messages correspond closely to when we lost connectivity.   I have searched the support site, but I cannot find any real explanation of these messages.   I rebooted this evening and cleared the logs so I can see if it happens again.   I can supply the entire log if you like.  

This may also be related to SR 627008351 which I opened yesterday on the same router as we were experiencing some very strange behavior trying to access certain websites via browser.

Can you please tell me what these messages mean?   I am beginning to think maybe we have a bad box here?

Thanks for all your help!

Chris
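
Added example, not part of the original thread and not Cisco tooling: a Python sketch that reads the pppd LCP echo lines in the log excerpt above and reports each span where echo requests went unanswered, together with the number of daemon.err lines logged inside that span. The function name echo_gaps and both regexes are assumptions based only on the line format shown in the excerpt.

```python
import re
from datetime import datetime

# Log excerpt copied from the post above.
SAMPLE_LOG = """\
2013-08-20 15:27:33 RV110W local2.debug pppd[668]: rcvd [LCP pid=(668) EchoRep id=0x37 magic=0x34c8e7c7]
2013-08-20 15:28:03 RV110W local2.debug pppd[668]: sent [LCP pid=(668) EchoReq id=0x38 magic=0x708af2db]
2013-08-20 15:28:08 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4
2013-08-20 15:28:09 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4
2013-08-20 15:28:11 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4
2013-08-20 15:28:15 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4
2013-08-20 15:28:23 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4
2013-08-20 15:28:33 RV110W local2.debug pppd[668]: sent [LCP pid=(668) EchoReq id=0x39 magic=0x708af2db]
2013-08-20 15:28:39 RV110W daemon.err mDNSResponder: ERROR: getOptRdata - unknown opt 4
2013-08-20 15:29:03 RV110W local2.debug pppd[668]: sent [LCP pid=(668) EchoReq id=0x3a magic=0x708af2db]
2013-08-20 15:29:04 RV110W local2.debug pppd[668]: rcvd [LCP pid=(668) EchoRep id=0x3a magic=0x34c8e7c7]
"""

LINE_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \S+ (\S+) (.*)$")
LCP_RE = re.compile(r"pppd\[\d+\]: (sent|rcvd) \[LCP .*?Echo(Req|Rep) id=(0x[0-9a-fA-F]+)")

def echo_gaps(log_text):
    """Return spans where sent LCP EchoReq got no EchoRep, with daemon.err counts."""
    outstanding, err_times, gaps = [], [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        if m.group(2).endswith(".err"):
            err_times.append(ts)
        lcp = LCP_RE.search(m.group(3))
        if not lcp:
            continue
        direction, kind, ident = lcp.group(1), lcp.group(2), int(lcp.group(3), 16)
        if direction == "sent" and kind == "Req":
            outstanding.append((ts, ident))
        elif direction == "rcvd" and kind == "Rep":
            # Requests sent before this reply that carry a different id were never answered.
            missed = [(t, i) for t, i in outstanding if i != ident]
            if missed:
                start = missed[0][0]
                gaps.append({"start": start, "end": ts,
                             "missed_ids": [i for _, i in missed],
                             "errors": sum(start <= e <= ts for e in err_times)})
            outstanding = []
    # Requests still outstanding when the log ends are not reported as a gap.
    return gaps
```

On the excerpt as posted this returns one span, from the unanswered request at 15:28:03 to the reply at 15:29:04. Run over the full router log, it gives timestamps that can be lined up against the VPN failures and the reported loss of connectivity.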