Evening folks,
I found myself troubleshooting an odd problem Thursday and Friday (not
helped at all by Sheffield's hospitality over the previous two nights) -
several employees of a customer have all had issues in the past few
months getting VPNs connected reliably. A colleague was on-site at one
location trying to find out what was going on.
The common theme is that all of the broken ones use Sky for DSL/FTTC,
and all seem to use the SR102 router. At the locations where we've been
testing, the software version is 2.88.1086.R.
Naturally, the problem is intermittent - you might get 1 failed attempt
in 5, or if unlucky 1 success out of 5; however, we've got to a point
where it will reliably work if a laptop is given a static DHCP address,
and the router configured to forward all VPN traffic to that address (I
didn't do this, so don't know *exactly* what the magic static NAT is
that makes this go).
VPN is a standard IPSEC with NAT translation enabled; using the Shrew
client on Windows 7 laptops. This has worked fine in the past and
became unreliable around July time - we think they may have pushed a
firmware upgrade to the routers to enable v6 at this point. We thought
it may be a v6 issue (in that with the VPN up, the DNS will reply with a
v6 address of their server, which will be firewalled from their Sky
LAN-side V6 subnet ... but this hasn't been an issue, the VPN doesn't
establish).
Anyone else seen anything like this? Are there any known issues with
the VPN passthrough on these boxes? Google doesn't seem to have
anything relevant and recent.
Thanks
Paul.
- [uknof] Sky DSL/FTTC VPN issue Paul Thornton
-
