dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3441
share rss forum feed

JPedroT

join:2005-02-18
kudos:1
reply to Anav

Re: Open VPN???

Install Twonkymedia, you can access the twony webserver and it will stream media stuff to you Then you just ned to forward the port Twonky is listening to.
--
"Perl is executable line noise, Python is executable pseudo-code."



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4

Hmm how would that work. Do I just access the twonky server locally through my l2tp connection. is there even a twonky app


JPedroT

join:2005-02-18
kudos:1

With the browser on your phone, you only have to forward a port on your usg. Why do you insist on over complicate things?
--
"Perl is executable line noise, Python is executable pseudo-code."



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:8
Reviews:
·TekSavvy DSL
·Bell Fibe
reply to Anav

L2TP client is built into pretty much any device commonly used today (Android, Windows, iOS) ... stick to it. Figure out why it's not working, do some packet capture or post your entire config to have a look together.

For me I can only say the L2TP works like charm, no issues whatsoever. (That said I acknowledge that there may be some bugs, but let's try to nail them down and let ZyXel know).



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4
reply to JPedroT

JP I only plan on letting secure access through the router.


JPedroT

join:2005-02-18
kudos:1

Why only secure access? Afraid somebody is going to eavesdrop on your porn streaming?

If its an MTU problem which you have tried to diagnose, try to use a tool instead of just ping with DF to figure out the exact MTU and then sett the proper MSS value. Remember that MSS = MTU - 40 bytes, most likely. This tool might help you »www.iea-software.com/products/mtupath.cfm

But if your ISP is a moron and creates blackholes for PMTUD then change ISP.

Also remember that when you add LT2P you add even more overhead and if your ISP is doing some PPPoE/A or what not and maybe some LT2P also somewhere in the dark corners of their network, well your basically FUBAR.
Because you can keep dropping your MSS/MTU settings, problem is that your Data might actually need a minimum setting, so somewhere you are going the screwed over by a lame ass ISP
--
"Perl is executable line noise, Python is executable pseudo-code."


JPedroT

join:2005-02-18
kudos:1

1 edit
reply to Anav

You have mentioned media files, but never told us how you want to transfer them, you said stream, but that is very non informative.

Are you using your web browser for streaming or is there some other way? If web browser, forward https to your NAS and stream it in an https session then.

--
"Perl is executable line noise, Python is executable pseudo-code."


JPedroT

join:2005-02-18
kudos:1
reply to bbarrera

There was supposed to be a quote here, but its answer to your question on why text files work and not media files, especially streamed ones.

--
Because you download the complete file before you view it. So retransmisson etc are not noticable, it just add a couple seconds.

Real time streaming, means packets can not arrive out of order nor be dropped, for smooth viewing.

Problem is that if they do, you will see pixelation in your video or no sound in audio etc. But if you lose alot of packets that way, you soon mess up how the encoding is done and well your fubar. Its basically like buying something from ikea and you do not get all the pieces to assemble it.
--
"Perl is executable line noise, Python is executable pseudo-code."



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4

Thanks JP for the explanation sounds reasonable. I will have to wait for twonky 7 for NSA on next version of software, its in beta right now and current POS does not work, for that matter the Netgear streaming server is another POS. I just may have to look at Https streaming, especially if performance blows away l2tp.


JPedroT

join:2005-02-18
kudos:1

Try on your LAN first, can the NAS keep up, then its just the wonky payload sizes to overcome for WAN.
--
"Perl is executable line noise, Python is executable pseudo-code."



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4

Oh, all my stuff over the LAN via wifi to my smart phone ROCKS.
I cannot get the twonky beam app on my android or the netgear ready remote app to work so im giving up on streaming media servers from the NAS boxes.

Its why Im starting to think that bypassing l2tp and using https direct to the NAS may be the best bet, probably just a matter of forwarding a port and creating a firewall rule.



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4
reply to Anav

Double frugg, I tried the browser thru the L2TP to the webserver and it worked okay. So I thought direct via https would be even better but I cant seem to get through. I create a Wan to Lan1 FW rule and a NAT rule but the damn logs say Wan to zywall blocked.
Well its a WAN to lAN1 rule from any to the destination IP address call it 192.168.1.20 (same destination on Virtual server and FW rule) and same service port xxx tcp) on both. Why the Eff does the firewall log say Wan to Zywall source upty squat, destinatin my IP:xxx Dropped????
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment


JPedroT

join:2005-02-18
kudos:1

I have come across the exact same thing, except for SNMP, seems like a bug to me. But I might have configured stuff wrong also, did not have the time to investigate further, I just put the SNMP server straight on the internet instead
--
"Perl is executable line noise, Python is executable pseudo-code."



bbarrera
Premium,MVM
join:2000-10-23
Sacramento, CA
kudos:1
reply to Anav

said by Anav:

I create a Wan to Lan1 FW rule and a NAT rule but the damn logs say Wan to zywall blocked.

look at Configuration > System > WWW and change the HTTPS port and also disable "Redirect HTTP to HTTPS"

See if that helps.


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4

1 edit

Will do, I think the https port was changed long ago but the http redirect is something also long ago enabled, will check it.

I am curious though about the termination point of the tunnel being the LANSUBNET. Why is the LANPOOL recommended not to be the same LAN structure as where your connecting too.
In other words why not assign the remote client coming in to the same subnet????

Edit: unchecking force to https had no effect.



bbarrera
Premium,MVM
join:2000-10-23
Sacramento, CA
kudos:1

said by Anav:

In other words why not assign the remote client coming in to the same subnet????

yeah I find that annoying as my Mac OS X L2TP server uses the same subnet. That said its routed, and therefore mDNS (Bonjour/Zeroconf/Avahi) traffic doesn't make it to the remote host.


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:4
reply to Anav

in the examples the pool is completely different from the LAN. I just want to understand why? I tried making it the same but it did not help my dilemma/

What about setting up LAN2 as a DHCP serving LAN, make my lanpool for ipsec as the same subnet as LAN2 and then have an open firewall rule lan2 to lan1 and lan1 to lan2...... Would that make a difference??

Would all be moot if I could https direct over 4g LTE to reach my friggin LAN.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment