We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

strange router crashing problem

Medium Priority
741 Views
Last Modified: 2012-05-11
Scenario:

Local business uses SBS2008 with RRAS set up for incoming VPN connectivity.  Single NIC server is NATTED behind a Netgear WNDR3700 flashed with DD-WRT.  Internet connections is 35x5.

Remote user connects via windows 7 PPTP client from a Cox home connection.  He is NATTED behind a Linksys WRT54G.  Every night he copies a 90MB file to his machine over the VPN via UNC path....something like xcopy \\server.domain.local\share\file.ext  or similar.   Works beautifully.

Remote user then changes his router....NOTHING ELSE....to a SonicWall TZ 100.

upon doing so, he can consistently crash the netgear WNDR3700 within 1 to 2 minutes after initiating the same file copy.

the netgear has a 600+ mhz CPU with 64MB ram and GB ports. i'd wager it's more powerful than the Sonicwall even though it is not a 'business-class' router.  ZERO other problems with the netgear.  Immediately upon rebooting the Netgear, everything continues as normal.  

I tried a UNC copy of an ISO image from my house which is a similar Time Warner/Cox type connection behind a standard home router and it pegged at 5 megabits and caused ZERO issues.  

what am i missing here.  what on earth could be causing this?  the sonicwall is the only thing that has changed.

Comment
Watch Question

Top Expert 2010
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
BOO-YAH!  

wow.  switched the SonicWall MTU to 1500 and POW!  full speed in and out, no further problems whatsoever!

i can't believe it.

guess what.  when the guy installed the router last week, he had SonicWall support remote in and help him set it up. He told them he'd be using VPN etc.  The SonicWall guy set the MTU to 1404! no lie.  can you believe that.

the thing that bugs me is wondering if whether i am vulnerable to some sort of MTU attack.  sorta like a Denial of Service Attack or something. i'll have to do some testing to see if this only happens via vpn.  i mean, can anyone take down my router by just changing their MTU and copying a big file? holy cow.

well, thanks so much for your help. this is a no-brainer. i'd give you more than 500pts if i could!

Author

Commented:
SPOT-on assessment!
Top Expert 2010

Commented:
Cool. Glad I could help. 1404 seems a little low. I know that a few years ago, we ALWAYS changed the MTU with cable Internet connections. Any more, this just isn't the case. 1500 (which is the default) has been the correct one. We still test, but rarely have to change it.

Regarding MTU attack, I think the key here is that you've opened your firewall for PPTP traffic to your internal VPN server. An external attacker would have to know you've opened your firewall to that traffic. Additionally, your firewall should be aware of when it's being port scanned and defend against anyone trying to figure out that you've poked a whole in the firewall.

Thanks for the points!
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.