Netgear DG834GT VPN Pass-through work only occasionally

Hi guys. Here's an interesting one I hope you might be able to help me with. I've setup a Netgear DG834GT router at our work. Works great on every level accept the VPN. I have all the necessary VPN ports forwarding to our Windows based VPN server. I'm also aware of protocol 47, although there is no configurable setting to let this pass through (on Netgear routers protocol 47 is supposed to follow the direction of PPTP port forwarding).

However, on some machines when I try to connect it just times out when the user name and password is trying to be validated (suggesting the GRE packets aren't getting through via protocol 47). On other machines it connects up (although only some TCP traffic doesn't pass through)! I've set VPNs up like this loads of times, and have finally resigned myself to the fact that this particular model (which I haven't used before - I've always used its younger brother, the DG834G) can't cope with the VPN stuff.

So my question is, has anyone else has this problem? If so, did you manage to fix it? I have tried all the various Netgear firmware versions, including the most recent that claims to fix a VPN pass-through issue, but does anyone know of third party firmware that actually works?

I look forward to any feedback, even if it is just to confirm that the router is a little monster and I need to send it back

Cheers Guys,

Bluemercury
LVL 2
bluemercuryAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

PeregianCommented:
I had some probs with dg834 -dg834 vpn thatlinks 2 networks together. I got timeouts and sometimes it would connect and then just hang when you tried to use it. It ended up being the mtu setting in the router. Try lowering that.
0
PeregianCommented:
0
bluemercuryAuthor Commented:
Thanks for you comments Peregian. It's a good thought, but unforuntately I have already tried lower the MTU setting with no luck :( Any other ideas at all?

Best wishes,

Bluemerucyr
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

PeregianCommented:
did you lower the mtu on the router and the vpn server?
0
bluemercuryAuthor Commented:
I have indeed tried both, with values of 1400 as you suggested. I've also tried the value of 1432, as this is what another VPN router I use utilises sucessfully. Bizarre thing is that, as per usual, some VPN clients will connect ok, then at other times they won't at all. It is all very ittermitent!
0
PeregianCommented:
try this test to see at what size packets fragment

ping -f -l 1472 serveraddress

it should tell you that it fragmented the packet. Keep lowering the 1472 until it stops fragmenting it.
0
bluemercuryAuthor Commented:
Thanks for your input Peredian. I'd love to try your latest suggestion, but just to help matters the SATA RAID mirror has decided to pack up on the Server after just one week! I'm not going to be onsite to fix it for the next week, so this whole issue is on hold (Server is completely down)! I may also try another spare router that I'm going to order in the meantime....

Thanks for all your input, and I will be back here as soon as possible!

Bluemercury
0
bluemercuryAuthor Commented:
I have come to my own conclusions that the DG834GT is a menace device. With a DG834 (not GT) router now in place and passing through up to 4 VPN tunnels (and configured in exactly the same way as the DG834GT) it pretty much shows that the DG834GT is not functional for VPN pass through. I have spoken to other colleagues outside of EE since, and they admitted to having the same problems as me, and retracting back to DG834 based models to get things to work.

Thanks for your help on here; I'm going to request a point refund if that's ok, as whilst your suggestions helped reduce the scope of possible problems, ultimately it has just come down to shoody Netgear design. I hope EE will leave this up here for future reference to those who have problems with the DG834GT. Netgear; update your firmware properly for this DG834GT model!

Bluemercury
0
GranModCommented:
PAQed with points refunded (500)

GranMod
Community Support Moderator
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NETFOCUSCommented:
There is a fix for this. Download TCPOptimizer and untick "Timestamps" on the adpater useded to tunnel. I have tried this seceral times on different machines that failed to connect and on each occasion this action resolved the problem.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.