Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BT2700HGV partially drops VPN connection after 3 minutes

GSBTForum
Member

on ‎25-03-2013 12:54 PM

Hello

 

We have the following Business Router:

 

                                                                                                                                                                           

Model:BT2700HGV
Hardware Version:2701-100589-005
Firmware Version:6.3.9.63-plus.tm

 

We can successfully connect to our Windows VPN Server.  Port forwarding on port 1723 has been allowed through the BT router and another router through which we pass.

 

After three minutes of little or no activity, or longer when there is no activity but then some activity, the Windows VPN client, a laptop, becomes disconnected from the VPN.

 

Windows dial-up networking thinks it is still connected. It never detects that the connection has dropped and never offers a redial dialogue.

 

I can pretty reliably reproduce the problem.

 

1) Start a ping -t to a host on the VPN network

2) Connect to the VPN, open a word document off the network. (ping looks good, good response times.)

3) Leave everything idle for a minute or two.  Make a couple of changes to the word document and click save.

4) ping shows request timed out.  Within Dial up and VPN connections the connection still shows as connected.

5) No further functionality available from the VPN.

6) Disconnect / connect - all works again until you do something.

 

I am convinced the BT router is dropping something important to maintain the connection.  I have tried to turn off the firewall altogether via Settings \ LAN \ NAT & Address Allocation but the setting is never remembered and remains "Enabled".

 

As mentioned there is another router involved which we have recently swapped out to eliminate it.

 

Internet -> BT Router -> Cisco Router -> VPN Server

 

Our BT router issues addresses in the 192.168.1.x address range.  The Cisco router in the 192.168.0.x address range. 

 

The problem only occurs when I connect in from the Internet.  When I connect to the VPN from the 192.168.1.x network the connection stays up and I can access the 192.168.0.x network with no issues for as long as I like.

 

This rules out any issues with the Cisco router.  The issue is somewhere on the BT router dealing with connections from the Internet, versus locally.  This would make sense of course as this is the portion that is managed by the firewall.

 

Can anyone suggest anything?  I did look in the firewall log previously and I am sure it said something about ipproto 7 being dropped, but what does one do about it?

 

I considered putting the Cisco router in DMZPlus mode so as to receive all traffic and not be firewalled (it has it's own firewall & port forwarding functionality), but this should not be required.

 

The BT router is dropping something which is effectively severing the connection but not leading the windows client to acknowledge that it's been disconnected.

 

I am not a total novice, I have Microsoft MCP certification in TCP/IP, albeit from the 90s.

0 Kudos
1 REPLY 1

GSBTForum
Member

on ‎27-03-2013 09:17 AM

This is the information logged by the router when the session is disconnected:

 

INF  2013-03-27T08:48:51Z  fw,fwmon  src=SRC_IP dst=DST_IP ipprot=47 Unknown inbound session stopped

 

Where SRC_IP is my IP address at home and DST_IP is the router IP address I'm connecting to.

 

Would you believe someone is talking about a very similar problem, with the same error, back in 2009!!!

 

http://business.forums.bt.com/t5/Broadband-and-internet/Connection-problem-every-hour-on-the-hour/td...

 

We do seem to be on a later firmware revision than them though, which is the advised resolution.  Says he was upgraded to .49, I am not sure how that translates to our Firmware version.

 

Can anyone at BT advise whether we need to upgrade or what?

0 Kudos