dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1494
SigmaInigma
join:2014-07-11
Vinton, VA

SigmaInigma

Member

Help configuring a router for use on a college campus

I have an Asus RT-N66U that I have put tomato firmware on. I am a student at George Mason University and I am trying to use my own router so that I can connect to a VPN. I have tried multiple setups but am having problems with them all.

Right now I have the WAN port of my router connected to the wall. I have my desktop computer and Xbox One connected to the router's LAN ports. I have no need for wireless functionality. It is working and I have an internet connection but occasionally (usually once or twice a day) the internet will stop working. Restarting the router immediately resolves the issue but I do not want to have to restart it every day.

I have also tried connecting the connection from the wall into the LAN port instead of the WAN port but had similar results. I have never setup a router on a network that already has a router so I think this may be where I am running into issues.

Right now my router is being assigned an IP of 10.186.127.233 on the WAN port. Subnet mask is 255.255.192.0
Gateway is 10.186.64.1
This was all assigned by DHCP from the schools router.

My router's LAN IP adress is the standard 192.168.1.1

Any ideas why I am getting connection drops?

bdnhsv
join:2012-01-20
Huntsville, AL

bdnhsv

Member

Sounds like you are at times behind double NAT. That, and sometimes even single NAT will cause problems for certain types of VPN connections. What protocol are you using for your VPN? pptp, ipsec, openvpn, etc.?
LittleBill
join:2013-05-24

1 recommendation

LittleBill to SigmaInigma

Member

to SigmaInigma
double nat is not your issue. i have done vpn behind 4 nat routers before for days. currently doing it now.

try another router and see if the connection drops, try plugging directly into the connection on the walls and see if it drops, if it does short of calling IT. there is nothing you can do
SigmaInigma
join:2014-07-11
Vinton, VA

SigmaInigma

Member

The connection seems to drop regardless of whether or not I am connected to the VPN but I use OpenVPN protocol.

The connection never drops if I plug my computer straight into the wall, only when using my router. I have tried two different routers and have got the same problem so I know it is not an issue with the hardware. Has to be something with the configuration of the schools network or my router I think. I've never setup a router behind another router before and just assumed there would maybe be some special configuration needed.

bdnhsv
join:2012-01-20
Huntsville, AL

bdnhsv

Member

OK. Is there a reason you are trying to use another router (in addition to the school's)? Are you just needing to connect multiple devices to your single Ethernet outlet in your room/apartment?

BlueMist
join:2011-01-24
Cookeville, TN

BlueMist to SigmaInigma

Member

to SigmaInigma
Just a few ideas that came to mind in no certain order.

If all you want to do is run a VPN link try running it directly from your PC.

If you just need more ports than the one in the wall try turning off the DHCP options on the LAN side and plug the cable from the wall to a LAN port, not the WAN port. Then use the remaining LAN ports as a dumb bridge. Any IP address would then come from the school's router. You can still run the VPN directly from a PC if you still want one.

Try using the same cable presently attached to the PC as the cable between the wall jack and the router. If the router becomes stable the other cable becomes suspect.

Make sure the router is set to use DNS servers other than those supplied by school router.

Another test would be to clone your PC's MAC address to the WAN port of your router and see if the router link becomes stable.
SigmaInigma
join:2014-07-11
Vinton, VA

SigmaInigma

Member

I guess I should have explained a little more why I am doing all this. The main reason is that I have an Xbox One and play a lot of online games. I have two LAN ports in the wall in my room so that is not the problem. I have one for my PC and my Xbox. The problem is that this semester the school decided to tighten up security in response to rising cyber attacks. Using the schools network I can play games on Xbox Live but because of their added security I now have a Strict NAT type which gives me problems connecting to my friends games. I have been trying to get around this using a VPN and it has worked. When I use the VPN my NAT type is open. Before I tried the router I tried running the VPN on the PC directly and sharing the connection with ICS to my Xbox. My PC has two network ports so I was able to accomplish this. This was working as well but I still had problems holding a stable connection. Every few hours or so it would drop. This is what led me to try a VPN with a router. I thought it would be more stable and I wouldn't have to have my PC running to play Xbox.

I have not tried cloning my PCs MAC to the WAN port. I can try that. What do you think that would accomplish? If both had the same MAC would internet traffic not get confused?
HELLFIRE
MVM
join:2009-11-25

1 recommendation

HELLFIRE to SigmaInigma

MVM

to SigmaInigma
said by SigmaInigma:

Any ideas why I am getting connection drops?

Do you have any connection logs from the N66U, VPN or otherwise?

Otherwise, you're basically reduced to running wireshark for traffic between your N66U's 10.x.x.x IP to the OpenVPN's IP to try and troubleshoot this.
said by SigmaInigma:

The main reason is that I have an Xbox One and play a lot of online games.

said by SigmaInigma:

the problem. I have one for my PC and my Xbox. The problem is that this semester the school decided to tighten up security in response to rising cyber attacks. Using the schools network I can play games on Xbox Live but because of their added security I now have a Strict NAT type which gives me problems connecting to my friends games.

I'll tell you right now given that setup / situation George Mason IT is likely going to tell you to pound sand from an assistance and
troubleshooting perspective. If all you're concerned about is getting OPEN NAT for your gaming, get yourself a raw internet feed independent
of the GMU network and plug your Xbox directly into it; leave the GMU connection for your "regular" stuff.

Or move out of the GMU dorm.

My 00000010bits

Regards

BlueMist
join:2011-01-24
Cookeville, TN

1 recommendation

BlueMist to SigmaInigma

Member

to SigmaInigma
It would not be the first school that actively recorded the PC's MAC address that was used when the Ethernet jack was activated and caused problems if the MAC address later changed unless IT was called to change the "records".

By cloning the MAC address to just the WAN port the router would look like you PC and the PC's traffic would still work just fine since it is on the LAN port. That is one reason the option was added to most routers.

In the early days of cable modems, cloning the MAC address on routers was quite common as cable companies would actively block any MAC you plugged into the cable modem that did not match the PC that was used to activate the account. Now it usually just takes a power cycle of the cable modem to reset the MAC monitoring as the cable companies have basically given up actively blocking routers.

It is remote that your school is actually using MAC's to block routers but it all depends on how paranoid the school IT department is and if they have grad students assisting them in running the department. Most likely they are doing some sort of VPN sniffing and blocking or disconnecting the VPN link after a short while.

Hellfire has some decent suggestions which might be ultimately needed if not being able to play the games of your choice is a deal breaker.

eibgrad
join:2010-03-15
united state

eibgrad to SigmaInigma

Member

to SigmaInigma
It's possible (if unlikely) that the school could be using traffic analysis to kill connections. Maybe they're being squeezed for bandwidth during peak hours, and this is their less than elegant way to prioritize traffic. Because if it was MAC based, I don't see why it would work for hours, then drop. Seems to me this is a very binary operation; good MAC, you're in, bad MAC, you're out.

sk1939
Premium Member
join:2010-10-23
Frederick, MD
ARRIS SB8200
Ubiquiti UDM-Pro
Juniper SRX320

sk1939 to BlueMist

Premium Member

to BlueMist
Most schools block VPN connections (and many other things like Bittorrent) for student and classroom networks for a variety of reasons. From the sounds of things however, it sounds just as likely that it is a misconfigured VPN as it does GMU blocking the VPN entirely.
LittleBill
join:2013-05-24

LittleBill to SigmaInigma

Member

to SigmaInigma
folks hes saying whether or not he is on vpn, they are dropping his connection....

sk1939
Premium Member
join:2010-10-23
Frederick, MD
ARRIS SB8200
Ubiquiti UDM-Pro
Juniper SRX320

sk1939

Premium Member

said by LittleBill:

folks hes saying whether or not he is on vpn, they are dropping his connection....

Only when he uses his own router though.
LittleBill
join:2013-05-24

LittleBill

Member

right your indicating they are looking for vpn though... not that its a router issue