Windstream → Re: [Equipment] Troubles with Cisco VPN Client and Fast1704

I had the very same issue with the 1704 and I believe it's related to non-functioning PMTUD and a lack of MSS clamping and some big MTU issues. The "upgrade" on Windstream's page is actually for a Speedstream modem, not the Sagem, so they have an inaccurate link (Aaron can you report it?)

My solution was to just use the Sagem 1704 in bridge mode and use a SOHO router with a happy network stack that accepts ICMP type 3 code 4 and/or MSS clamping. I also set my MTU to 1280 just for giggles.

I know you're a network eng but »www.cisco.com/en/US/tech ··· 79.shtml may help too.

I'm on an IPSEC VPN for work about 8 hours a day. I believe the 1704 is garbage and honestly, I wouldn't trust it either since it's Chinese Linux. Seems Sagem doesn't honor the GPL either with many of their devices.

I am a Windstream customer.

Well, I take that back about the GPL issues, here's the Linux source code to the Sagem 1704

»opensource.sagemcom.com/ ··· d=79&L=0

Grabbing it now to do a code review.

BridgeMode
Thank you for telling me. I will get that link taken care of asap.

Aaron

The firmware update utility on the Windstream site (»www.windstream.com/Suppo ··· te-1704/) still shows "Speedstream". When I launch it, the "Update Firmware" button is grayed out.

I am a tech for a managed service provider. Most of our customers are retail stores, financial institutions, etc. We are having trouble with the Windstream Sagecom 1704 blocking the VPN tunnel. Here is the configuration that we are using:
1. Navigate to 192.168.254.254
2. Enter username/password admin/admin
3. Click on Wireless
4. Uncheck Enable Wireless
5. Click on Advanced Setup, then WAN Service
6. Click on Edit, then enter the PPPoE Username & Password
7. Disable NAT
8. Disable Firewall
9. Click on Advanced Setup, then LAN
10. Enter the Default Gateway IP Address (from LOTS) and Subnet Mask
11. Uncheck Enable LAN side firewall
12. Uncheck Enable DHCP
13. Click on Apply/Save
14. Have the tech configure his laptop with the static IP address and attempt to surf. If he gets a Windstream activation page, follow the steps to complete the activation.

Please advise what steps to take to resolve our VPN issue. Thanks!

You disabled the firewall and are still experiencing issues? You have verified that it is not an issue with a firewall on the PC?

Aaron
Specialist II

We actually just resolved with the assistance of one of your techs. The fix was disabling IGMP Snooping on the LAN setup page of the interface.

Outstanding news. Thank you for the update!

Aaron
Specialist II