Yeah, I finally got someone at the ISP that could help, and we changed our MTUs to match what they were using at that got rid of that error. Now we just have to figure out why the UDP packets are getting so fragmented across the tunnel that the remote SonicWall is dropping them on the ingress. This ISP network engineer is kind of a ding-dong and doesn't understand TCP packet captures very well.
What MTU did they recommend? Virtually all fragmentation across the WAN is going to be due to a too-large MTU. UDP, TCP, whatever.
I'm having a problem at one of my remote sites and my clients IT department can't figure it out. It hasn't fallen to me to figure it out yet, but that day might be coming quickly when my clients IT department throws in the towel. I will preface by saying I know very little about ethernet networks other than the IP address's need to be matchy matchy in order to get communication. I also don't know how their network is exactly laid out, but I've been able to get the following information from them. Clients Server -> VPN to router (static IP) -> My network devices (2 PLC's (static IP), one touch screen (static IP), Personal Laptop, wireless connection for blackberry's etc (all dynamic IP's from router DHCP server)) All of my devices communicate internally without any problems on the router network and the laptop/phones can get on the internet, send emails, bbm, etc. The problem is when we're trying to do remote communication. The touch screen has a web server in it for remote access and control. My client can go to the router setup page by typing in the IP address for the router and configure it. But they can't get through to the web server. The correct ports in the router are forwarded. They've tried two different routers. One was a standard off the shelf Dlinks router and a Cisco VPN router. Neither one has worked. They were able to communicate with a laptop on the router network with the Cisco router, they didn't try the dlinks router. Not sure if it would make a difference. I've set this up with ethernet capable cellular modems in the past and had no issues. Any thoughts?
Port forwarding is only used when accessing your external IP address on your router, which isn't happening on a VPN. Well, it is in a way, but not the way you think - the VPN is nailing up a connection between both routers so that the external IP address is actually invisible to the other side. What IP address is the remote site using to get to your router's configuration? The external IP address, or the internal one? Your router has two IP addresses, one that's similar to all the other devices in your network (internal) and one that is what your ISP gives you (external). If the remote site is using your router's internal IP address to get to your router's config, then the VPN is probably being successfully established - but I suspect that's not the case and you are actually not getting a successful VPN. The way the VPN should work is this: Both routers should know what IP ranges exist on either side of the VPN. Once the VPN is established, the routers will listen for requests to the IP range on the other side of the VPN. When it receives that request, the router says "Oh, I know this IP is on the other side of the VPN, forward the traffic there." It doesn't typically consider the public IP address, part of the addresses on the other side of the VPN. Part of this is impossible to troubleshoot without knowing the specific models of routers involved, exactly how you are establishing the VPN, and having direct knowledge of each router. On a Cisco router, the basic steps are: - Define the cryptographic policy for the VPN - Create an access list that defines the destination IP addresses for which the VPN should be used (i.e. we don't want ALL traffic sent through the VPN tunnel, just the traffic for which there is a private IP address on the other side) - Create a cryptographic map for the public-IP interface that defines what cryptography to use, what the peer is for the VPN (i.e. the router on the other side of the internet), and what access list to match when deciding whether traffic needs to go over the tunnel (previous step). You need to have different IP subnets on both sides, too, otherwise this doesn't work. I.e. if you have 192.168.0.xxx/255.255.255.0 on both sides, you have nothing to define in the router to say "Send this traffic over the VPN" - because 192.168.0.xxx is both local AND remote. Do you see what we're doing to bring up the VPN? You both make sure each side has agreed on how to encrypt traffic and peer with each other, and then you also make sure that both sides know what IP ranges are on the other side of the VPN. Port forwarding doesn't enter into it, because the traffic is being sent through the external IP address as if it wasn't there. That was a bit of a book, I just got to typing. Are you sure you even need a VPN, or do you just need port forwarding to access the web interface of your touch screen? If you need the latter, I'd set up port forwarding on a non-standard, random port (e.g. port 8726), forward that port to port 80 on your touch screen in your router, turn off all the VPN stuff, and have your client access <a class="postlink" href="http://" onclick="window.open(this.href);return false;">http://</a><your.external.ip>:8726/ - see if that works.
Are you allowed to ask simple questions in this thread? I have a small network at my office - 3 computers and one plotter. (No wireless.) I don't generally share files from one computer to another, but there would be data from one computer to the plotter. So, the main reason I have a 5 port switch is to allow all the computers access to the internet. Right now, I have DSL service (1.5 Mbps) but I am moving my office to a location that doesn't have DSL and will be upgrading to Cable (5 Mbps). These are probably dumb questions, but I don't much at all about the technology these days. (I learned with DOS and BASIC, when computer monitors just had green or orange text - cut me some slack.) Won't my 10/100 switch work just fine? Would there be any reason to upgrade my switch to a gigabit switch? My new desktop has 10/100/1000 Lan card, but nothing else I use does. So, until I get gigabit internet or another device with a /1000 card, am I "choking" speed through my older switch? 2nd question (Can I ask 2 in one post?) Can a desktop with a wireless card print directly to a printer with wireless capability? Or, do you have to have a wireless router in between?
The only reason to have a Gigabit switch is if you have two (or more) computers with gigabit network cards that you want to transfer big files between. Otherwise, there is absolutely no advantage. Probably. It depends on your printer and how the wireless computer is set up. A lot of printers can create an ad hoc wireless network that you can connect to in order to print - in that case, you have to specify an IP address on the printer and the computer, and match all of your settings between the two devices. There may be a utility to do this easily if you look on the website for your printer. An ad hoc network is a device-to-device network. The other option, which your printer may or may not support, is called infrastructure mode which is basically where the printer acts like a wireless router. It broadcasts out a network that you can just connect to, the same way you'd connect to a wireless router. Again, it depends on your printer but if you check your documentation or a manual on the appropriate website, there should be explicit instructions for how to connect wirelessly to the printer.
Can somebody direct me to a good resource / support forum or somewhere to figure out getting an old plotter (large format printer) to communicate with my new computer? I am not having any luck figuring this out myself. I have an HP DesignJet 750C Plus (although, that doesn't matter, I don't think) E-size plotter with an HP JetDirect 10Base-T card. I have plotted many, many drawings to it through my old computers, all running Windows XP, using a Linksys 5 -port hub. I had DSL service - DSL modem into hub, 3 computers on hub + the plotter. Now, I have a new computer (Windows 7) and a cable modem, and I cannot figure out how to set up the plotter as a printer on my new computer. I can access the internet just fine from the new computer, using the same hub, and I can access the internet with other computers through different ports of that hub. I have confirmed that all the cables, connections and ports are good, with testers and by switching cables and ports. I can print the config page on my plotter through the control panel, so it displays the IP address of the plotter. I've tried letting my computer "find" the plotter with no luck, and I've tried manually entering everything like the IP address. No worky. I am stumped, and have followed all the tips I can find. I am quite certain that I'm doing something stupid and can't find a basic setting, because I also can't access the internet or network from one of my old computers.
The first thing I'd do is try pinging the IP address of your plotter from your machine, just to see if data can get to it or not. Did you set the IP on the plotter manually or is it set to grab one from your router?
I am quite certain data is not getting there. (That's one reason I've spent so much time checking cables and ports, because I just feel like I'm doing something really basically stupid, like not plugging in the ethernet cable.) But, I looked up how to ping the IP address from my machine . . . "request timed out"
I forgot to answer your question. I manually set it. I know this is a dumb question, but are the first three sets of numbers in the IP address supposed to be the same for computers / devices on the same network? It seems like I remember from years ago, that the last three digits were the only thing that changed within the network. Like one computer would be 123.234.345.1 and the other would be 123.234.345.2 or something. So, should I check the IP address of my new computer, then change the plotter's IP address to be one number different or something? (It's a pain to change, by the way - it'd be easier to change my computer's to match the plotter - but, then I don't know if my hub & cable modem will communicate right. Did I mention I don't know what I'm doing?)
Yeah you have to change the IP of your plotter to match the network. So if your old plotter IP was 192.168.0.45 and your new router is passing out IP addresses to your computer that go 10.0.0.13 then you need to change your plotter's IP to match the rest of the network. On your computer, hit start then run and type in cmd. Then type ipconfig and make note of your IP address, subnet, and gateway. Copy over the subnet and gateway info to your plotter and make sure the IP is kosher.
The wireless in my apartment complex keeps shutting down. I can go have the router reset, but in about an hour, it will just shit out. I get the Windows 7 message to reset the router, which will only work for about an hour. I'm getting this wireless, which is desperately slow, from an Internet cafe on the side of our block, so I know the other computers still have internet. I have turned on some torrents, but I can't tell if this is part of the problem or not. All of this started about a week ago. Any ideas as to what will make a router continually have to be reset? Is there a magical way I can do that from my laptop, without going to the cafe? Some of the guys who work there will unplug the thing and tell me to come back when it shits out. Some of them insist the router is fine and it's "de center". Any advice would be highly appreciated.
You're torrenting off of shared bandwidth from an internet cafe? Do you also feel entitled to multiple lanes of traffic when you drive?
Fair enough. You're going to fuck those guys over, though, if/when you download the wrong torrent and find out it was being tracked, and it leads back to them. So, if the cafe wants to let you reset it at will, they could give you the login password for the router and there's probably the ability to do that from within the web interface. If your wireless has disconnected, though, it may not help because you probably can't reach the router. Does rebooting your computer fix the issue on your end or is it really only fixed by a reset on their end? Alternately, have you tried disabling and reenabling your wireless card when this happens to see if that fixes it? Do you have another Wifi device (phone or something) that you could test with to ensure it's not just the laptop?
I'm in Indonesia, torrenting the tv shows I can't stream. As long as I'm not dl'ing porn, they don't give a shit. There are two laptops and a tablet: none of them work. I keep doing the "troubleshoot connection" which resets the wireless card. It's the router that constantly needs attention, because each time it gets reset, no problem. I've restarted all the devices just to make sure the problem lies with the router.
Note the IP address of the default gateway - open a command prompt, and type "ipconfig /all" Next time the internet stops working, open a command prompt and type "ping <ip address>". If the default gateway isn't responding, then you've actually lost connection to the wireless device itself and not just to the outside internet, and in that case, there's nothing you can do to reset the router. Are you 100% sure internet is functioning in their building during this time? It may be a signal problem if you've got an especially weak signal. Is there an area of your place that actually gets a good signal? Can you leave a device in that place and see if the device ALWAYS has a good signal, if the problem goes away? It's possible that the signal is weak enough as to cause the devices to disconnect, but the router still believes they are connected - so only rebooting will clear them out.
I have a Dell laptop that connects to my router but will not connect to the internet. A Google search tells me this is not uncommnon for Dell laptops, but none of the suggestions listed seemed to work. When I check my connection status, it tells me I have limited access, local only. When I run a diagnostic, the information tells me that the computer isn't identifying a gateway IP address, yet I can find no way to reconnect. I know it is not a router issue, as three other laptops and my xbox 360 have no problem seeing the wireless network and connecting to the internet. I've even tried putting two laptops side by side and ensuring that the Dell has the same settings as the one that connects, but it didn't help. Any other ideas? Is there any place to actually enter the gateway ip address manually (I couldn't find one).
I'm going to assume Windows Vista/Windows 7. Go into your Network and Sharing Center in the Control Panel. On the left, click Change Adapter Settings. Right click on Wireless Adapter, hit Properties, select Internet Protocol Version 4, then hit the Properties button. There you can manually specify an IP address/default gateway/DNS. Copy these settings from a working computer, but make sure your IP address is significantly different from theirs. So if your Xbox has 192.168.1.4, make sure you choose like 192.168.1.125 or something, so you don't interfere with other devices that attach to your network in the future.