Added port 3389 to firewall... Guess what? No connection. It's blocked.

I've never had RDP blocked before, always connected via VPN and then used RDP to get into my computer.

Now i can't even use port 3389 by itselt? - and yes, it's set to both TCP and UDP.

I've also tried connecting my netbook to my phone via hotspot and connecting VPN and RDP from my netbook... same result, blocked.

Plusnet please explain why you are blocking ALL of my incoming traffic please? - The only difference with RDP is that it DOES show in the router logs (yet mysteriously a PC that ALWAYS accepts RDP is complaining of malformed RDP packets and dropping the connection).

You or the router are deliberately blocking access to my PC. I want to know why.

@bobpullen some help please, your network is blocking every single inbound attempt I make via L2TP and RDP. 

I'm getting really angry.

Having connected to my VPS which is in a different country, even that is unable to make an inbound connection to my PC via our router. I want some answers please.

Miracle happens..

On phone to PN tech.. nothing to do with them he says... but try factory reset.

Does factory reset.. nothing. He puts me on hold.. it starts working.. both RDP and VPN using L2TP.

Gets off the phone, guess what? It all STOPS WORKING AGAIN.

Incidentally considering it's a factory reset, it's funny how there's still over 200 pages in the log file.

HOW VERY STRANGE. Interact with Plusnet and it starts working, then stops the moment I'm off the phone.

Yoiur Hub2 does however have a bug that I've noticed. My PC has a wifi and Ethernet adapter. These are bridged using the windows software network bridge - IP address is 192.168.1.2

Windows7 incoming VPN is set to use IP addresses randing from 198.168.1.210  <>  192.168.1.215

The router keeps picking up my PC between those ranges:

I doubt that's the actual cause though, it's been doing that for years - unless you've pushed an update that you've not told anyone about.

It would however sort of make sense if the router is now trying to push traffic there instead of to 192.168.1.2 - for remote desktop that's a killer as forwarding packets to 192.168.1.2 is how it should work.., no idea about VPN using L2TP.

Never heard of a factory reset leaving 200 pages of log files... that's amazing.

That was literally while I was on the phone to your man at Plusnet HQ.

Since then, NOTHING. No RDP, no VPN. Heck I don't think VNC will work either.

To be honest, if such a 'feature' was so important to me, I'd just ditch the "free router", and buy something more up to the job. The ISP provided routers are 'fine for the majority', but not so good for the 'clever stuff' we techies might want to do.

It's a bit like the many bits of Microsoft "free" software: it is as good as what you pay for it!

All my software - and OS - is free, although I do pay for some of it in the form of donations, if it proves useful.

Completely agree, what 7up needs is a higher spec router.....  The hub 2 wasn't really designed for what he wants it do and yes an update could have broken the features he wanted.

In fairness RDP  over VPN isn’t your average user’s setup……

The Hub two i use current firmware version as seen in >Advanced settings >Information

Firmware version: v0.10.00.04201-PN
Firmware updated: 30-Jun-2023

Looking at the event log category BOOT I see the version the Hub startup on

17:56:30, 21 Oct. Booting firmware v0.10.00.04201-PN (Thu Apr 20 16:54:19 2023)

---

@7up wrote:
This setup worked flawlessly for many years until something caused a change - it was pointing the ports to my machine but not by IP address as I set up years ago (and consequently forgot).

Now it's working again it's fine but the router does have a bug that needs fixing. I've no intention of replacing the device, it's worked for years with no fuss but what has caused annoyance is that it somehow switched from pointing ports to my computers IP address to using it's name and whatever IP address it currently recognises. I did not change that and my missus never touched the router.

---

The Plusnet Hub has not received any recent updates, I can assure you of that at least.

Whilst I don't fully understand exactly how you have things configured (I've personally never relied on Windows as a VPN endpoint, nor bridged network adapters), this does seem to be a very niche set-up; Assuming it is a bug in firmware, it's one that will have eluded folk for the best part of a decade!

Am I reading it right that you are assigning VPN clients IP addresses from the same subnet as the local network? If so, is this the recommended way to do things? For my self-hosted VPN endpoint, it runs off a completely different subnet.

@bobpullen Well, i do have a habit of walking into things others haven't noticed..

Right, so this is the adapters I have in use (you'll also see some VMWare network adapters - they do their own thing which the network bridge seems to ignore):

Wireless Connection 4 can also be ignored - the PC doesn't seem to have realised that particular dongle isn't plugged in.

Network Bridge TCP/IP properties:

Now this is the incoming VPN clients TCP/IP Properties:

So, as you can see, Windows VPN server is set to use IPs from .10 to .15

When my phone connects, it always goes for the next IP address - if it hits .15, it resorts back to .10 and so on.

Whats happening is that your HubTwo is then seeing this IP address as being the one for the PC and the ONLY one. Until that connection isn't used for X hours, then it forgets it and goes back to 192.168.1.2.

Something changed the setup in the router to address my port forwards to the PC by name and currently recognised IP instead of its normal IP - and so each time there was an incoming connection from my phone (when just going out - to test it was working), your router has then directed that port to the VPN IP for that MAC address instead of the PC IP. Due to this, it has then looked like my incoming connection was being blocked by the mobile network - it worked at home on the nearest mast, but out of town on a different mast, no connection.

The logs could do with being more helpful too as it seems that for RDP connections a log entry is made regardless of an actual connection to the PC but VPN connections are only logged IF there is actually a successful connection established. Even then, a lot of the log entries don't make much sense to the average user - whats "Lan IPv6 Neighbour Discovery events: NEIGHBOR_SOLICIT" for instance? Whats "Self roaming might be occurring... Deauth original one..." mean?

"LAN [ADD] ARP 192.168.1.12 with 86:0a:66:fa:92:a3 from br0(wl1)" The device name has been set in the "My network" page, wheres the user-friendly name in there? - I don't remember MAC addresses in my head!

It has bugs! Factory reset doesn't wipe 200 odd pages of logging either. It should! That's what a factory reset is supposed to do right? - Put it back to factory new condition..