Re: RV130 blocking UDP 47808 traffic over pptp VPN

Dougm · ‎04-08-2019

Hello
I have a wan modem connected to a Cisco RV130 and enabled pptp VPN.
I can establish a secure connection though the WAN modem into the device via pptp. I can ping devices on the LAN side of the RV130. I can open local web pages for the configuration of any device on the LAN side of the RV130. On the LAN network is a BACnet router that sends traffic over UDP 47808. I cannot query that traffic.
Removed the WAN device and using my PC as if its the WAN I can still connect to the pptp server but I cannot see the BACnet traffic.
Using my PC connected to the LAN side I can observe all the traffic on the BACnet router on UDP port 47808.
I now know that my RV130 is blocking the traffic on UDP port 47808. Why? I have opened up a pptp VPN with a GRE tunnel. All traffic should go through the tunnel.
Worried that maybe the GRE tunnel encapsulation may take another 24bytes I have configured all devices to be less than 1476.
Can anybody provide any assistance?

Georg Pauwen · ‎04-08-2019

Hello,

you might want to try and enable VPN Passthrough (page 108 of the attached admin guide)...

Also, make sure your RV130 is running the latest firmware version, release 1.0.3.45.

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv130w/admin_guide/en/rv130w_admin_en.pdf

Dougm · ‎04-09-2019

The RV130 is acting as the VPN server and it cannot be used in the VPN pass through mode. Do I still set it to VPN Pass though in this setup?

Doug

joseph.h.nguyen · ‎04-10-2019

Can you attach a network diagram? Have you checked your firewall policy? Typically PPTP is a layer 2 and GRE is a layer 3. Your BACnet router may be forwarding its UDP traffic differently than expected.

You can verify your MTU by using Windows ping command, "ping <ip address> -f -l <mtu size>". Repeat this command with varying MTU size until you collect responsive and non-responsive pings.