Networking experts - got any ideas at all on these problems???
#1
Scooby Regular
Thread Starter
Networking experts - got any ideas at all on these problems???
I now have my network setup and working (mostly) for main PC, Xbox and PS2. But...i'm still having the following problems:
1. If I leave the router switched on, then turn my PC on in the morning I cant connect. Ipconfig shows the LAN connection, but I cant get anywhere. I have to switch the router off, wait 10 secs, then switch it back on - everything is fine then but its annoying!!
2. I have a VPN connection to Titan for my website databases (MySQL) When I double click the connection, it comes up with "connecting to vpn", authenticates and registers then the connection is there (i.e. with the little icon in the sys tray).
Ipconfig shows the connection, and I can ping the IP address it has given me, but I cant ping any of the servers on the network that I need to get to.
So anyone got any ideas on this? Its well annoying me now
I can post net diagnostics if required?
1. If I leave the router switched on, then turn my PC on in the morning I cant connect. Ipconfig shows the LAN connection, but I cant get anywhere. I have to switch the router off, wait 10 secs, then switch it back on - everything is fine then but its annoying!!
2. I have a VPN connection to Titan for my website databases (MySQL) When I double click the connection, it comes up with "connecting to vpn", authenticates and registers then the connection is there (i.e. with the little icon in the sys tray).
Ipconfig shows the connection, and I can ping the IP address it has given me, but I cant ping any of the servers on the network that I need to get to.
So anyone got any ideas on this? Its well annoying me now
I can post net diagnostics if required?
#2
Scooby Regular
ping only tells you if the device responds or not (no more). Try doing a tracert to the IP address you are given as well as the servers you want to connect to over the VPN. e.g tracert 158.152.1.58
Is your VPN setup between your individual PC and your ISP? you're not using your router to do a LAN - LAN VPN connection?
How is the router connected to your PC? RJ45 LAN or did you use the USB connection?
Stefan
Is your VPN setup between your individual PC and your ISP? you're not using your router to do a LAN - LAN VPN connection?
How is the router connected to your PC? RJ45 LAN or did you use the USB connection?
Stefan
#4
Scooby Regular
Join Date: Aug 2002
Location: not forgetting 20,000 posts from last time ;)
Posts: 5,806
Likes: 0
Received 0 Likes
on
0 Posts
Check the metric value for the connections, as the VPN is probably taking priority over LAN connections and blocking the internal connections.
#6
Scooby Regular
I think he means metric value of the routes.
Do a ROUTE PRINT at a command prompt.
Any joy with the tracert?
How did you connect via VPN before. Was the cable modem and (more importantly) the ISP IP address bound directly to your PC's LAN (or USB) port?
I assume you're now using NAT behind the firewall, so perhaps the VPN client has a problem routing requests on your NAT'ed network. What software is establishing the VPN connection?
Stefan
Do a ROUTE PRINT at a command prompt.
Any joy with the tracert?
How did you connect via VPN before. Was the cable modem and (more importantly) the ISP IP address bound directly to your PC's LAN (or USB) port?
I assume you're now using NAT behind the firewall, so perhaps the VPN client has a problem routing requests on your NAT'ed network. What software is establishing the VPN connection?
Stefan
#7
Scooby Regular
DW, I've been asking my IT dept at work, and to access VPN, the router needs a protocol enabled (protocol 49?) - effectively your VPN is a tunnel to and from your workplace. My (limited) understanding is that your home pc is seen as an extension to the work's network. You need to set up the router to allow your PC to be seen through this tunnel. However, the router may not be VPN compatible (can't check mine at work).
One way around it in the meantime is to reconnect your old ADSL modem when you want to use VPN.....
Hope this helps.....
Dan
One way around it in the meantime is to reconnect your old ADSL modem when you want to use VPN.....
Hope this helps.....
Dan
Trending Topics
#8
Scooby Regular
DW - I've just found this on the ADSLTech website - it might help
http://adsltech.com/portal/forum/for...?TID=11&KW=VPN
Dan
Updated for a direct link to the post
http://adsltech.com/forum/forum_posts.asp?TID=202&PN=1
http://adsltech.com/portal/forum/for...?TID=11&KW=VPN
Dan
Updated for a direct link to the post
http://adsltech.com/forum/forum_posts.asp?TID=202&PN=1
Last edited by ScoobyDoo555; 19 May 2004 at 03:18 PM.
#9
Scooby Regular
Thread Starter
Right here goes:
Tried tracert and it worked fine on all IP addresses, except the ones I want to get to. It timed out on those, though I did notice it initially connected to a third mystery IP address in the same VPN range.
Just done route print, but have no idea what i'm looking at. Metrics of 1, 20 and 50 are showing, with various Ip addresses.
Before I set the network up I just connected via USB modem and all was well. BUT now here's the odd bit. Last week I ripped the router back out, as well as all network stuff and re-installed my USB modem, so I was back to my original connection mode, and I could no longer connect, so theres obviously been a system change somewhere.
Re NAT's and software, I am using Mysql-front to connect, but it comes up with a 2003 error. However that doesnt really matter as I cant even Ping the IP range in the first place once I have connected the VPN.
Not sure if this means anything, but the network diagnostics comes up with 1 FAIL error:
[00458755] WAN Miniport (IP) (FAILED)
- DNSServerSearchOrder (FAILED)
- 192.168.2.10 (FAILED)
Pinging 192.168.2.10 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.10:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
- 192.168.2.11 (FAILED)
Pinging 192.168.2.11 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.11:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
Dont actually know what that IP address is though
Bloody nightmare this.
Also just tried to set the PS2 up with its own IP address rather than using the DMZ, and that dont work now either.
Computers - dont you love em
Tried tracert and it worked fine on all IP addresses, except the ones I want to get to. It timed out on those, though I did notice it initially connected to a third mystery IP address in the same VPN range.
Just done route print, but have no idea what i'm looking at. Metrics of 1, 20 and 50 are showing, with various Ip addresses.
Before I set the network up I just connected via USB modem and all was well. BUT now here's the odd bit. Last week I ripped the router back out, as well as all network stuff and re-installed my USB modem, so I was back to my original connection mode, and I could no longer connect, so theres obviously been a system change somewhere.
Re NAT's and software, I am using Mysql-front to connect, but it comes up with a 2003 error. However that doesnt really matter as I cant even Ping the IP range in the first place once I have connected the VPN.
Not sure if this means anything, but the network diagnostics comes up with 1 FAIL error:
[00458755] WAN Miniport (IP) (FAILED)
- DNSServerSearchOrder (FAILED)
- 192.168.2.10 (FAILED)
Pinging 192.168.2.10 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.10:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
- 192.168.2.11 (FAILED)
Pinging 192.168.2.11 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.11:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
Dont actually know what that IP address is though
Bloody nightmare this.
Also just tried to set the PS2 up with its own IP address rather than using the DMZ, and that dont work now either.
Computers - dont you love em
#10
Scooby Regular
Computers - dont you love em
AFAIK, My-SQL isn't a VPN client. There must be something at a lower level establishing the VPN. I would suspect the M$ VPN client is used and My-SQL is just piggy-backing on top.
With a VPN you need to specify both end-points directly, so getting it to work behind a NAT'ed router can be a PITA. That's why I suspect it would work OK with the ADSL modem connected directly to a LAN or USB port - as the end-point is direct on the PC and not behind another router.
Stefan
#11
Scooby Regular
Thread Starter
I dont have a VPN client. The connection is just put in as a normal WAN connection - this may explain it better to you:
http://help.titanhosts.net/index.htm?i/vpn/intro.htm
Its the setup info for the vpn from Titan.
http://help.titanhosts.net/index.htm?i/vpn/intro.htm
Its the setup info for the vpn from Titan.
#12
Scooby Regular
You DO have a VPN client - it's the built-in M$ one. It just sits on top of the normal dial-up connection and uses a different protocol to establish the sessions and encapsulate the traffic.
Stefan
Stefan
#13
Scooby Regular
I'm pretty sure the M$ client logs VPN session info, just need to figure out where it is. Only really used Linux and NetScreen VPN clients myself.
Would be interesting to know what is hosting the VPN session at your ISP. Firewall appliance, Windows server, etc..
Stefan
Would be interesting to know what is hosting the VPN session at your ISP. Firewall appliance, Windows server, etc..
Stefan
#14
Scooby Regular
Thread Starter
Sorted!!
It was the Sygate firewall - I had tried disabling it but still no joy, so I just uninstalled it completely, and the VPN connection is now fine
Going to do a system restart now and see if it also cures the "reseting" issue as well.
Fingers crossed!!
It was the Sygate firewall - I had tried disabling it but still no joy, so I just uninstalled it completely, and the VPN connection is now fine
Going to do a system restart now and see if it also cures the "reseting" issue as well.
Fingers crossed!!
#17
Scooby Regular
Thread Starter
And sure enough no reset required
Bloody firewalls, more hassle than they are worth. I dd have ZA but it knacked my system and slowed everything down.
So ZA, and Sygate dont work for me, what next? Just rely on the Dynamic NAPT of the router?
Thanks for everyones help with this, especially ozzy
Just wish I had uninstalled the bloody thing last week now.
Bloody firewalls, more hassle than they are worth. I dd have ZA but it knacked my system and slowed everything down.
So ZA, and Sygate dont work for me, what next? Just rely on the Dynamic NAPT of the router?
Thanks for everyones help with this, especially ozzy
Just wish I had uninstalled the bloody thing last week now.
#18
Scooby Regular
Depends on the firewall. It should block attacks, but the handy thing with one of the personal firewalls is it can allow and restrict applications and show if anything is getting through or more importantly rogue adware that's installed itself on your local PC.
Use something like grc.com to test your public IP address.
Stefan
Use something like grc.com to test your public IP address.
Stefan
#19
Scooby Regular
Thread Starter
I may reinstall sygate then and set it up properly - a bit loathe to now that everythings working though
First thing I did was the GRC shields up and all ports are stealthed - the only fail was that they could ping my machine, but not sure where to block that with the XP firewall.
First thing I did was the GRC shields up and all ports are stealthed - the only fail was that they could ping my machine, but not sure where to block that with the XP firewall.
#20
Scooby Regular
XP firewall? the public IP should be on your router. It's only that that they should be able to PING. They shouldn't be able to ping directly to your PC's card (on the NAT'ed, private IP addressing - 192.168.... etc).
You should be able to block ICMP pings on the router to mask that.
You should be able to block ICMP pings on the router to mask that.
#22
Scooby Regular
Thread Starter
Just GRC'd it again with the following results, dont think I need to worry too much:
"Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."
"Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."
#24
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
If you'd have used ZoneAlarm it would have popped up prompting you that something was getting blocked or requesting access
Chris
#25
Scooby Regular
Chris,
It's the older NetScreen 7 client we use @ work. It's OK and pretty straightforward to setup. Can be a bit temperamental on XP if you add/remove network cards, but other than that it's decent enough.
I'd like to see the newest version though and compare it with some others. It's certainly better that the M$ one.
Stefan
It's the older NetScreen 7 client we use @ work. It's OK and pretty straightforward to setup. Can be a bit temperamental on XP if you add/remove network cards, but other than that it's decent enough.
I'd like to see the newest version though and compare it with some others. It's certainly better that the M$ one.
Stefan
#26
Scooby Regular
Thread Starter
Originally Posted by ScoobyDoo555
ahh. another firewall
Glad it's sorted though
Dan - see you on XBox Connect for PGR2
Glad it's sorted though
Dan - see you on XBox Connect for PGR2
I would prefer to connect as a stand alone without the PC running, so will be investing in the live starter kit this week.
Thread
Thread Starter
Forum
Replies
Last Post
Sam Witwicky
Engine Management and ECU Remapping
17
13 November 2015 10:49 AM
MightyArsenal
Wheels, Tyres & Brakes
6
25 September 2015 08:31 PM