Solved

Telnet through VPN connection keeps dropping

Posted on 2006-11-07
17
394 Views
Last Modified: 2013-11-16
We use a program called Tiny Term from Century Software, which uses Telnet through a VPN connection to connect to corporate servers in another state.  After users login using their account information, the connection is dropped after 2-5 minutes.  The time varies, and when it happens, ALL connections for this program stop.  By that, I mean each workstation running this program stops responding on every machine.

But not the Internet.  If I run a continuous ping from one station, login to Tiny Term, and monitor the progress of the ping, it never drops while the Telnet connection does.  This is a small store, and it is setup with the following:

DSL provided modem/router>Cisco Secure Pix 506>SMC Switch>Workstations (all running XP Pro)

This all started last week, and I have done the following:  Confirmed that network connectivity during this to the Internet does NOT go down.  Ran spyware scans and anti-virus scans.  Called corporate to check the firewall out, and was told traffic looked good.  Called the ISP to check their side out, and was told their side good.  Removed the SMC switch and replaced with another, left all workstations unplugged from new switch, and plugged in a newly setup workstation, never before on this network, with a fresh install of Tiny Term.

And still, it did the same thing.  Removing the switch and workstations would seem to me, to remove our internal network from the equation.  To me, it would seem to be some sort of setting within either the firewall or modem/router.  But what?

How would I monitor this type of program and the traffic that it generates, bearing in mind I do not have access to the firewall?  How would I monitor the connection when it drops?  What would I look for?  Any help would be greatly appreciated, as users are tired of constantly signing back in.

Thanks

0
Comment
Question by:lloydr1l
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 8
17 Comments
 
LVL 12

Expert Comment

by:Freya28
ID: 17890424
check all your timeouts on teh pix and especially the vpngroup idle-timeout
0
 

Author Comment

by:lloydr1l
ID: 17890607
I will pass that along to corporate, as I can't personally check it.  
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17890652
i would most definitley say it is a timeout setting too low on the pix
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:lloydr1l
ID: 17891347
I started thinking about your suggestion.  One of the things the ISP tech stated was that he connected to his office using VPN and the connection never dropped.  So wouldn't that then imply that any setting too low for vpngroup idle-timeout could be eliminated?  If it were to low, wouldn't it have effected his connection?
0
 

Author Comment

by:lloydr1l
ID: 17891354
Just remembered him telling me he went around the firewall, so forget that.
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17891654
what about the actual program?  does that have a timeout?  or the application?
0
 

Author Comment

by:lloydr1l
ID: 17891669
Nope.  There are no settings for this.
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17891736
i would also check the wan link.  see if it is hiccupping at all.  telnet is the simplest traffic to traverse, but if any type of break in the line occurs, then all connections will be dropped.
0
 

Author Comment

by:lloydr1l
ID: 17893127
Freya28
Agreed, but how to check?  ISP claims the connection is fine.  Corporate claims the firewall is fine.  How do I monitor the WAN link and see if it is hiccupping?  
0
 
LVL 12

Accepted Solution

by:
Freya28 earned 500 total points
ID: 17898121
There are many tools out there, but for a price.  you can sniff the network also with freeware such as etherreal or wireshark to see where packets are dropping.  i would try that.  sniff the network usign etherreal and identify the source IP and destination IP and follow the tcp stream.  it might give you a clue as to where it is dropping, then you can take it from there.
0
 

Author Comment

by:lloydr1l
ID: 17899669
Thanks.  In fact, that is what I have been doing.  I've been looking into Wireshark for the last couple of hours.  As soon as I get comfortable with it, I will try it out.
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17899715
good,  let me know
0
 

Author Comment

by:lloydr1l
ID: 17907594
I know how to read a lot of the captured output, but there are things I don't understand.  So do you know of a place where previous output has been analized?  With explainations of the results?
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17907713
0
 

Author Comment

by:lloydr1l
ID: 17907749
Thanks.  I'll check it out.
0
 

Author Comment

by:lloydr1l
ID: 18093787
Thanks for the help and sorry for the delay in rewarding points.  I never had a chance to follow through on this because I was redirected.  But I'm sure the suggestion you offered is the answer to finding a solution.
0
 
LVL 12

Expert Comment

by:Freya28
ID: 18093811
thank you and good luck
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Network setup between buildings 4 60
Network over eigrp 100 topology ? 3 59
Reset HP V1905-24-PoE switch to factory default settings 2 46
AD Design Best Practices 6 38
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question