dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2093
share rss forum feed


yllw98stng

@windstream.net

[Equipment] Troubles with Cisco VPN Client and Fast1704

I'm the network administrator for a small company. We have several Windstream users working from home who have the SageMCOM Fast 1704 modem. These users are experiencing frequent disconnects from VPN. The rest of the internet continues to function when VPN disconnects. They are typically disconnected after 3-8 minutes. We have several other Windstream users with SageMCom 4300's and they have no issues with VPN.

I was able to obtain a 1704 and tested it at my house. I had the same issue. I attempted to update the firmware via this page »www.windstream.com/Support/Firmw···te-1704/ but the utility just says "initializing" and the "Update Firmware" button is grayed out.

I also called tech support. They originally said it was a DNS issue and changed the DNS servers in the modem. That made no difference.

Then they opened some ports required by the Cisco VPN Client that we use. That has made no difference either.

Any other suggestions?
Jason


borisbadenov

join:2005-12-05
Barbourville, KY

Hope there is another ISP availible is what ALOT of people on this board will tell you



BridgeMode

@pnap.net
reply to yllw98stng

I had the very same issue with the 1704 and I believe it's related to non-functioning PMTUD and a lack of MSS clamping and some big MTU issues. The "upgrade" on Windstream's page is actually for a Speedstream modem, not the Sagem, so they have an inaccurate link (Aaron can you report it?)

My solution was to just use the Sagem 1704 in bridge mode and use a SOHO router with a happy network stack that accepts ICMP type 3 code 4 and/or MSS clamping. I also set my MTU to 1280 just for giggles.

I know you're a network eng but »www.cisco.com/en/US/tech/tk827/t···79.shtml may help too.

I'm on an IPSEC VPN for work about 8 hours a day. I believe the 1704 is garbage and honestly, I wouldn't trust it either since it's Chinese Linux. Seems Sagem doesn't honor the GPL either with many of their devices.

I am a Windstream customer.



BridgeMode

@pnap.net

Well, I take that back about the GPL issues, here's the Linux source code to the Sagem 1704

»opensource.sagemcom.com/index.php?id=79&L=0

Grabbing it now to do a code review.



Windstream
Premium,VIP
join:2009-03-31
Twinsburg, OH
kudos:38
reply to yllw98stng

Have you considered disabling the firewall in the modems altogether, or DMZ the primary computers? Its possible that the firewall could be the source of the problems. Specifically what Cisco VPN program are you using? What ports does it require be opened? Does your network firewall require any ports to be open on the employees end? Have the MTU setting been verified in the modem? Are all the people having problems in the same area? Feel free to send me a PM if that is easier for you. Pat and Larissa work the »Windstream Direct and they should be able to assist as well if you prefer to post there.

Sorry about the '20 questions'.

Aaron
CRC Data
Specialist II
--
We're here to help! wci.broadbandhelp@windstream.com



Windstream
Premium,VIP
join:2009-03-31
Twinsburg, OH
kudos:38
reply to BridgeMode

BridgeMode
Thank you for telling me. I will get that link taken care of asap.

Aaron
--
We're here to help! wci.broadbandhelp@windstream.com



yllw98stng

@cdolinc.net
reply to Windstream

I had considering setting the modem to bridge mode and that would be suitable for myself, but would be very disappointing to all the Windstream customers who purchased this modem to take advantage of the built-in wireless.

I did not attempt to disable the firwall completely, but I did set the primary computer as the DMZ IP Address. We use the Cisco VPN Client software.

We have opened ports 50, 500, 4500, 10000.

So far, the people that have reported this problem are all located in Lincoln, NE.

I will troubleshoot this issue a little further this afternoon to answer some of your other questions.

Jason


yllw98stng

join:2013-04-16
reply to Windstream

The firmware update utility on the Windstream site (»www.windstream.com/Support/Firmw···te-1704/) still shows "Speedstream". When I launch it, the "Update Firmware" button is grayed out.


bcruze

join:2006-03-03
USA
reply to yllw98stng

Same issue, but I was able to get the 4300.

I hope they continue to offer the non WiFi sage com..


fatdaddyphat

join:2013-05-10
reply to Windstream

I am a tech for a managed service provider. Most of our customers are retail stores, financial institutions, etc. We are having trouble with the Windstream Sagecom 1704 blocking the VPN tunnel. Here is the configuration that we are using:
1. Navigate to 192.168.254.254
2. Enter username/password admin/admin
3. Click on Wireless
4. Uncheck Enable Wireless
5. Click on Advanced Setup, then WAN Service
6. Click on Edit, then enter the PPPoE Username & Password
7. Disable NAT
8. Disable Firewall
9. Click on Advanced Setup, then LAN
10. Enter the Default Gateway IP Address (from LOTS) and Subnet Mask
11. Uncheck Enable LAN side firewall
12. Uncheck Enable DHCP
13. Click on Apply/Save
14. Have the tech configure his laptop with the static IP address and attempt to surf. If he gets a Windstream activation page, follow the steps to complete the activation.

Please advise what steps to take to resolve our VPN issue. Thanks!



Windstream
Premium,VIP
join:2009-03-31
Twinsburg, OH
kudos:38

You disabled the firewall and are still experiencing issues? You have verified that it is not an issue with a firewall on the PC?

Aaron
Specialist II
--
We're here to help! wci.broadbandhelp@windstream.com


fatdaddyphat

join:2013-05-10

1 edit

We actually just resolved with the assistance of one of your techs. The fix was disabling IGMP Snooping on the LAN setup page of the interface.



Windstream
Premium,VIP
join:2009-03-31
Twinsburg, OH
kudos:38

Outstanding news. Thank you for the update!

Aaron
Specialist II
--
We're here to help! wci.broadbandhelp@windstream.com


fatdaddyphat

join:2013-05-10
reply to yllw98stng

When I navigate to the default gateway IP address in a web browser, I get the login prompt. What are the username & password for remote access?



Windstream
Premium,VIP
join:2009-03-31
Twinsburg, OH
kudos:38

That information is usually on the back of the modem in question and varies based on each unit. Typically the Mac address is part of the password. Unless you are referring to being hard-wired directly to the modem, in which case the username and the password are both 'admin'.

Aaron
Specialist II
--
We're here to help! wci.broadbandhelp@windstream.com