cancel
Showing results for 
Search instead for 
Did you mean: 

Help! VPN connection drops packets larger than 180 bytes

Chuck
Newbie
Posts: 6
Registered: 01-08-2007

Help! VPN connection drops packets larger than 180 bytes

I am able to set up a broadband VPN connection okay, but packets larger than 180 bytes don't propagate through it, i.e.

> ping -s 172 remote.machine

works, but

> ping -s 178 remote.machine

fails. A connection made today via plusnet dialup shows the same problem, although I'm sure it worked (slowly!) once. Non vpn connections also work fine.

I guess that the problem is either my router, or something that isn't set up at Plusnet's end.

I'd be very grateful for advice as to how to go about fixing this issue. I'm being forced to work at home because work has got the builders in...

Thanks in advance

Chuck

Details
------

I have Option 2 PlusNet broadband with the PlusNet firewall set to 'low'.

My router is a NetGear DG824PN (firmware V1.03.25) which claims 'VPN pass through,

I am connecting to a VPN service provided by a PPTP connection using MS Chap V2 authentication and MPPE encryption. It uses TCP port 1723 and IP protocol 47 (GRE).

I am using MacOS X 10.3 VPN client.
5 REPLIES
Plusnet Help Team
Plusnet Help Team
Posts: 17,624
Thanks: 610
Fixes: 158
Registered: 05-04-2007

Help! VPN connection drops packets larger than 180 bytes

Out of curiosity was the broadband firewall set to high previously? I can see you have made a couple of changes to the settings on this, have you made sure your modem/router has been rebooted to allow the changes to go through?
If this post resolved your issue please click the 'This fixed my problem' button
 Chris Parr
 Plusnet Help Team
Chuck
Newbie
Posts: 6
Registered: 01-08-2007

Help! VPN connection drops packets larger than 180 bytes

Quote
Out of curiosity was the broadband firewall set to high previously? I can see you have made a couple of changes to the settings on this, have you made sure your modem/router has been rebooted to allow the changes to go through?


It is normally set to 'low'. I reduced it to 'off' to check that didn't fix the problem. It didn't, so I put it back. I disconnected/reconnected the router using the appropriate button in its http interface - this got me a new ip number. Do I need to do something more than this to get your firewall to update?

I have also just retested the dialup connection and it failed in exactly the same way as the broadband. I think this eliminates the NetGear router; it was physically unplugged from the machine at the time. I doubt its the OS X client, but I'll get hold of a OS X 10.4 Mac to try later. I'll also try power-cycling the router when changing the firewall settings just to be absolutely sure it understands that I want it to update.

However, I am getting a VPN connection, of sorts. SSH seems to work over it providing I only type short commands with short replies and don't 'ls' a directory with more than about a dozen files. Not quite the virtual desktop experience I was hoping for...

Thanks

Chuck
Plusnet Staff
Plusnet Staff
Posts: 12,169
Thanks: 18
Fixes: 1
Registered: 04-04-2007

Help! VPN connection drops packets larger than 180 bytes

If you try and run the ping test outside of the VPN does it allow you ping with higher packet sizes?

If it's the same on dial-up then I agree it rules out the router and also the broadband connection. Which makes me wonder if it's either an MTU setting (I'd expect pings outside the VPN to behave the same) or something within the VPN client settings.
Chuck
Newbie
Posts: 6
Registered: 01-08-2007

Help! VPN connection drops packets larger than 180 bytes

Quote
If you try and run the ping test outside of the VPN does it allow you ping with higher packet sizes?


Yes. When not using the VPN, I can get reliable pings with packets up to 8192 bytes.

I have now tried a MacOS X 10.4.10 machine. This does not exhibit the 180 byte ping-test failure, but otherwise the behaviour is similar. i.e. ssh connections can be initiated but die whenever more than a few hundred bytes are transferred.

Clutching at straws, I'll see if I can find an alternative piece of client software to try.

Thanks

Chuck
Chuck
Newbie
Posts: 6
Registered: 01-08-2007

Help! VPN connection drops packets larger than 180 bytes

... and suddenly vpn has started working for me Cheesy

... but I have no idea what fixed it Cry

Evidently the ping-length limit was a red herring, it's still occuring and perhaps it's a 'feature' of the vpn server.

If I ever find out what the real problem was and/or it happens again and I discover the recipe to fix it I'll add a follow-up to this thread.

Thanks for the help folks, bye for now.

Chuck