Solved

Internet Problem

Posted on 2013-01-08
6
351 Views
Last Modified: 2013-01-16
I am setting up a remote connections from a few branch offices to a main office.  I have a WatchGuard router at the main office and am using the Mobile VPN with SSL to connect the individual computers to the main office.  

One location on has one computer and doesn't have any problems connecting and staying connected.  

The other location however is driving me nuts trying to pin point the problem.  When we started the some computers could connect and some couldn't and then the ones that could couldn't and the ones that couldn't could.  After troubleshooting it seems to be that after connecting 5 or 6 computer not more would connect (they were not even hitting the remote device), but if we disconnected one then another could connect.

I eliminated the possibility of only a certain number of computers could connect from one location by connecting 9 from the location that is not having any problems.  I verified that we had a 50 user license and it was working with WatchGuard support and upgraded to the latest firmware.  

I notice that internet speed at this location was less than a 1MB upload and download.  So we waited until an internet speed upgrade to 3.0MB, but this had not effect.

We are only using a 5250 telnet connection to the main server, so I opened ports on the router to allow a connection outside of the VPN and still have the same problem.

Where to look now?  Could it be something with there ISP, which is TW Telecom.  Could it be the Belkin router they have behind the DSL modem?

I do know I could try getting another appliance and make a BOVPN with one tunnel.

TIA
0
Comment
Question by:DCS12
6 Comments
 
LVL 10

Expert Comment

by:akhalighi
ID: 38755489
what do you see in the log files ? what phase of VPN fails ? what's the error message ?
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 38755494
I think the problem would be indeed at the problem site, might be the belkin or another device there.
0
 
LVL 10

Expert Comment

by:akhalighi
ID: 38755500
check log files in all check pints  start from VPN client > branch router > main router. you should see a message somewhere. a reason for a failure .

If you don;t see it , increase level of logging to debug or something .
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:DCS12
ID: 38755652
@ akhalighi: I have already done this with the assistance of WatchGuard also.  The only log entry when it is raised to debug level is that is is downloading the configuration and then it times out.  Sometimes the client doesn't even hit the main router.  Plus I am having the same issue when I don't use the VPN and do a straight telnet.

@ setasoujiro: This is what I am thinking, but want to get other opinions.
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 38755668
Could you try and replace the router with another device and see what happens?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 38755849
All routers (at client site) have limits as to the number of VPN pass-through connections they will allow, from 0-9.  If you have multiples users connecting by VPN from the same site you really should have a site to site VPN configured With a VPN hardware based router at each site.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now