• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 656
  • Last Modified:

Issue with dropped packets and request time outs to remote sites

I am having an ongoing issue with my remote site losing connectivity to my cooprate office.  The sites are connected via a VPN tunnel using 2 Edgemarc routers.  I have been trying to drill down on the cause of the issue but have been unsuccesful so far.

I decided to give Wireshark a try and see what it said about my issue.  During a file copy/ping -t from Site A to Site B I noticed a bunch of ICMP messages saying ICMP Redirect (Redirect for host).  The redirect is occuring from Source (192.168.10.1) and destination (192.168.10.3).  I find it odd that there is an ICMP Redirect occurding within the same subnet, not sure if this is what I should be seeing or not.

There are also a bunch of Write AndX request yellow and red/black bars with TCP out of order errors.  I'm new to viewing this data, so if there is anything I should be looking for in particular to futher troubleshoot this, any guidance is appreciated!
0
jmchristy
Asked:
jmchristy
  • 4
  • 4
  • 2
1 Solution
 
rfc1180Commented:
>Source (192.168.10.1) and destination (192.168.10.3)
So what are these devices, are you running some type of IGP in the network or any static routes between these 2 devices.

You might need to added no ip redirect on the interfaces of the hosts default gateway.

Billy
0
 
jmchristyAuthor Commented:
192.168.10.1 is the Edgemarc Router
192.168.10.3 is a server which just has a 2008 R2 base install done, nothing else

The Edgemarc router is the default gateway for all the computers and servers in the remote location.  No IGP is running that i'm aware of.  I do see this IGMP direct quite a bit in the wireshark logs during my file transfer/ping -t testing.
0
 
rfc1180Commented:
on the edgemarc router if a Cisco, add the line:

no ip redirect

on the interface that is directly connected on the LAN.

Billy
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
ravisimpiCommented:
WHen you say you have connectivity problem, what actually is it?

Your total tunnel is coming down? Any applications stops working, or any file download is un success-ful?

Is it possible for you to share the wire shark capture file
0
 
jmchristyAuthor Commented:
My tunnel isn't going down, the Edgemarc never says the tunnel isn't established anymore.  

It happens when a file transfer is occuring, a user from Site B (remote site) tries to open a file from Site A.  The file download takes awhile, and if I begin pinging the file server at Site A from the user's PC at Site B  I see a bunch of request time outs while the file is being downloaded.
0
 
ravisimpiCommented:
I understand that you have two routers connected to the LAN segment and the User's PC at Site B is being configured with a gateway of a router who don't have a direct route to Site-A.

When the packets hit this router (suppose on interface-1 connected to LAN segment) it checks it's routing table and finds that the exit interface for that packet is same on which it has received it.

 You can try changing the default gateway configured on on user's PC at site B and point it to a router which is having a direct route (not pointing to the LAN segment) to site-A.

peace and health,
Ravindra
0
 
ravisimpiCommented:
Also, is it possible for you to share the capture file?
0
 
jmchristyAuthor Commented:
So maybe try changing the gateway to say a layer 3 switch and have that handle the routing?

The Edgemarc at Site B is setup to do the routing now, the VPN tunnel I'm assuming is handling the routing of the traffic to Site A.  If it's within the same subnet, I would think it wouldn't even need to the gateway.

Do I need to add a route at Site B's Edgemarc for Site A? Even though it has a VPN tunnel established?  Or will it check that VPN tunnel first to know where to send the packets for the different subnet?
0
 
jmchristyAuthor Commented:
I can put together another wireshark file
0
 
ravisimpiCommented:
You must be running a routing protocol on the routers. Check the routing on both the routers (on site-A and also on site-B) and verify that the destination is pointing to proper interface (in your case "tunnel interface") If you have multiple route for same destination, then I would recommend changing the cost of the route so that the packet leave the tunnel interface.

peace and health
Ravindra
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Live Q & A: Securing Your Wi-Fi for Summer Travel

Traveling this summer? Join us on June 18, 2018 for a live stream to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

  • 4
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now