Re: [AFMUG] VPN issues

Thu, 18 Mar 2021 10:38:18 -0700

I'm working a very similar issue right now.  I think I have tracked it down to an issue with a single upstream connection, and it looks like it's doing something with fragmenting/dropping large packets.  Doing a packet capture, it looks like the VPN setup packet is about 2062 bytes in size, and it's not getting to the other end.  ICMP Packets will flow regardless of size (of course fragmenting)  If I route the traffic over any of my other upstreams, it works fine.  I have a ticket open with this upstream, but getting them to understand what the issue is has been cumbersome. 

On 3/18/2021 12:27 PM, Dev wrote:
Do you have other customers with similar config/topology where you can test, maybe who hit the same VPN server? PCAP’s aside, VPN’s don’t usually like NAT and firewall changes, but you have to divide and conquer to track down VPN issues often because the error reporting is vague at best typically. 


On Mar 17, 2021, at 8:40 AM, Mark - Myakka Technologies 
<[email protected] <mailto:[email protected]>> wrote:


Re: [AFMUG] VPN issues
Bill,


Well that is the issue.  Could be anything.  Been working fine since 
June.  I have many many more people using VPN's with no issues.



But there is an issue on her link.  This is a fiber link BTW.  Her 
Internet works fine.



Her IT guys have washed their hands of it, pushing it all on me.  Not 
sure how I'm going to figure it out being I don't know what appliance 
she is using yet.  Even when I get that info, I'll have no access to 
it.  Doubt they are going to give me admin privileges on their 
equipment.  Also, I don't get the opportunity to see what errors are 
showing up on server logs.





--
Best regards,
Mark mailto:[email protected] <mailto:[email protected]>

Myakka Technologies, Inc.
www.Myakka.com <http://www.myakka.com/>

------

Wednesday, March 17, 2021, 11:27:35 AM, you wrote:



	I would suspect maybe segmentation issues. Sometimes segment 
boundaries can mess with a VPN.


bp
<part15sbs{at}gmail{dot}com>
On 3/17/2021 7:50 AM, Mark - Myakka Technologies wrote:

        I  have  a  customer  that  has  some type of VPN router device on our
system.   Her VPN isn't working anymore.  Her Internet is fine.  I did
a  packet  capture  for her IT guys and sent it to them.  Their answer
is  the  usual  "It's  your  ISPs fault".  I'm not a VPN expert, but I
attached the filtered packet dump.  Looks like things are talking back
and forth.  Any issues anyone can see?


--

Thanks,
Mark mailto:[email protected] <mailto:[email protected]>

Myakka Technologies, Inc.
www.Myakka.com <http://www.myakka.com/>

--
AF mailing list
[email protected] <mailto:[email protected]>
http://af.afmug.com/mailman/listinfo/af_af.afmug.com




-- 
AF mailing list
[email protected]
http://af.afmug.com/mailman/listinfo/af_af.afmug.com






















					Reply via email to