DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
2820n 3.3.4 and VPN Issues (UDP)
- gmegson
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 20
- Thank you received: 0
27 Jul 2010 12:09 #63010
by gmegson
2820n 3.3.4 and VPN Issues (UDP) was created by gmegson
Hi, upgraded my 2820n to v3.3.4 all going well apart from the company VPN session. These sessions use UDP encapsulate over port 501.
I could establish the session and then Outlook kept failing to download larger emails. The VPN would heartbeats would timeout and drop the VPN session regularly.:shock:
Solution -
1. In the firewall settings (DoS defence Setup) - increase the UDP flood defence to 650 (in my case) and 10 seconds (default)
2. Disable 'enable Strict Security Firewall' under Firewall>>general
I could establish the session and then Outlook kept failing to download larger emails. The VPN would heartbeats would timeout and drop the VPN session regularly.
Solution -
1. In the firewall settings (DoS defence Setup) - increase the UDP flood defence to 650 (in my case) and 10 seconds (default)
2. Disable 'enable Strict Security Firewall' under Firewall>>general
Please Log in or Create an account to join the conversation.
- voodle
- Offline
- Big Contributor
Less
More
- Posts: 1139
- Thank you received: 0
27 Jul 2010 12:24 #63011
by voodle
Replied by voodle on topic 2820n 3.3.4 and VPN Issues (UDP)
It should just be that first setting that made the difference, strict security firewall apparently just blocks internet access if the web content filter server can't be contacted.
That UDP flood detection isn't a bug so much as a default setting that causes problems
That UDP flood detection isn't a bug so much as a default setting that causes problems
Please Log in or Create an account to join the conversation.
- gmegson
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 20
- Thank you received: 0
27 Jul 2010 14:51 #63015
by gmegson
Replied by gmegson on topic Forget this solution!!!!!
Worked 100% fine last night and this morning and now just drops out every few minutes again. I think 3.3.4 is an unstable release (in VPN terms). Going to flash back to 3.3.3. I would recommend not to use this firmware if you are a VPN home worker or need stable wireless. :evil:
Please Log in or Create an account to join the conversation.
- gmegson
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 20
- Thank you received: 0
27 Jul 2010 14:54 #63016
by gmegson
Replied by gmegson on topic 2820n 3.3.4 and VPN Issues (UDP)
Could this thread be moved to "Installation and Setup Issues" please - not at all relevant (now) in gems...... thx
Please Log in or Create an account to join the conversation.
- liam_03_99
- Offline
- New Member
Less
More
- Posts: 6
- Thank you received: 0
18 Mar 2011 12:56 #66863
by liam_03_99
Replied by liam_03_99 on topic Re: 2820n 3.3.4 and VPN Issues (UDP)
Sorry to add to this but i totally agree that 3.3.4.1_232201 is very unstable in terms of VPN connectivity. 3.3.3 was much more stable than this release. Has anyone else had any other VPN issues using 3.3.4.1??
Liam
Liam
Please Log in or Create an account to join the conversation.
- gmegson
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 20
- Thank you received: 0
04 May 2011 23:49 #67588
by gmegson
Replied by gmegson on topic Re: 2820n 3.3.4 and VPN Issues (UDP)
While finally found a way over my problems with my ipsec vpn client
I have now upgraded to 3.3.5.2_232201 the official UK release from Draytek after being on the RC6 beta code for 3.3.5.2 for over two weeks. The fix for me was to move my vpn client from UDP encapsulate to standard ipsec UDP port 500.
On my 2820n modify the following...
1. Firewall / DoS defense - enble all except for 'block UnkownProtocol'
2. Firewall / General - uncheck 'Enable Strict Security Firewall'
3. Telnet to the 2820n and issue 'srv nat ipsecpass on'
:arrow: Possibly...
4. Disable the ipsec options in the "vpn and remote access" settings.
On number 4 - I had this disabled in the RC6 code but have just realised that most of today the option has been enabled in the 3.3.5.2 full uk release and it has not impacted my vpn stability at all - so possibly a red herring on that one......:o
I hope this can help others
I have now upgraded to 3.3.5.2_232201 the official UK release from Draytek after being on the RC6 beta code for 3.3.5.2 for over two weeks. The fix for me was to move my vpn client from UDP encapsulate to standard ipsec UDP port 500.
On my 2820n modify the following...
1. Firewall / DoS defense - enble all except for 'block UnkownProtocol'
2. Firewall / General - uncheck 'Enable Strict Security Firewall'
3. Telnet to the 2820n and issue 'srv nat ipsecpass on'
4. Disable the ipsec options in the "vpn and remote access" settings.
On number 4 - I had this disabled in the RC6 code but have just realised that most of today the option has been enabled in the 3.3.5.2 full uk release and it has not impacted my vpn stability at all - so possibly a red herring on that one......
I hope this can help others
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek