Orbi WiFi 7 RBE973
Reply

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

neiljt
Aspirant

Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Platform/Components

 

Microsoft Windows 7 Enterprise SP1 (64-bit)

Cisco AnyConnect Secure Mobility Client: 3.1.05187

 

Netgear AC1600 WiFi VDSL/ADSL Modem Router Model D6400

Configuration:

WiFi: all OFF

LAN:   Use IP range 10.0.0, w/ router IP=10.0.0.254

DHCP: Allocate 10.0.0.180-199, reserve 10.0.0.181 (for laptop)

 

 

Problem Description

 

I am attempting to connect to a corporate VPN, using a company laptop (with company software, which includes the VPN package) from my home internet connection.

 

Having recently moved home, and therefore connection, from BT 8Mb Broadband offering to BT Infinity Plus (Based in UK).

 

At previous home, I was connecting to VPN at work successfully/consistently using a trusty Netgear DG834v1, but otherwise the same components.

 

So the 2 changes are:

 

  1. DSL Connection
  2. Modem/router

 

Currently #2 is the focus.

 

I am attempting to connect to the corporate VPN, using a Windows 7 company laptop (Cisco AnyConnect Secure Mobility Client: 3.1.05187) via my home internet connection. The laptop is configured to a corporate build, so there is no option to vary the VPN client (i.e. to change software or configuration).

 

A new modem/router appears not be passing VPN traffic correctly.  My previous router was Netgear DG834v1, and needed no special settings.

 

New router details

Netgear AC1600 WiFi VDSL/ADSL Modem Router Model D6400

Configuration:

WiFi: all OFF

LAN:   Use IP range 10.0.0, w/ router IP=10.0.0.254

DHCP: Allocate 10.0.0.180-199, reserve 10.0.0.181 (for laptop)

 

Symptoms

I can connect to the VPN OK initially, but after ~5mins I lose web connectivity (to be fair I cannot yet confirm if this is due to web proxy or Corporate DNS becoming unreachable), and cannot connect to UNIX servers from PuTTY SSH client (I work in Solaris Support).

 

I have contacted Netgear directly, and they tell me there is no VPN pass through option on this router.  In fact they seemed a little confused, as they kept guiding me towards setting up VPN on the router for connecting to home from outside -- which is not what I was asking about  🙂

 

I have tried mapping port UDP/443 (I think this is correct for DTLS) back to laptop (on .181), and setting the router to respond to ping, but none of this has helped so far.

 

Has anyone managed to get this combination working, otherwise overcome VPN issues on this router that may lead me to an answer?

 

Thanks!

 

 

Message 1 of 15
TheEther
Guru

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Have you tried checking the AnyConnect client for logs about the loss of connectivity?  

 

The Windows Event Viewer may also shed some light.   AnyConnect logging may be stored under the Application and Service Logs.

 

Forwarding port 443 should not be needed.  Port 443 is probably used in the other direction.  That is, your laptop initiates a connection towards port 443 on the company VPN server.  The laptop will use a random, local port.

Message 2 of 15
neiljt
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Thanks for the suggestions!

 

There is a lot of info in the Windows Event Log, so I will spend some time going through it.   I think there may be a lot of false alarms in there, but have already picked out a couple of potentially valuable clues relating to MTU sizes, with a lower MTU (for TSL) of 1331, so I think that may well be worth testing.

 

I will update here with my findings.

Message 3 of 15

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Which firmware on the D6400?

 

It is almost certainly not related, but the newest firmware broke the modem's ADSL connectivity. (By coincidence, it cut off after about five minutes on BT.) Maybe it broke other stuff too.

 

 

Message 4 of 15
neiljt
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Firmware is V1.0.0.34_1.3.34  -- which I'm pretty sure is the latest.  I stupidly updated to the latest firmware when I first switched on.

 

I'd be interested in further details on exactly what is broken in the newest firmware.   I'm not aware of anything *not* working other than my VPN connection.  

 

Then again my connection is a bit of a mystery package right now:  The modem connects using mode VDSL2 to what is supposed to be BT Infinity Plus.  Sounds reasonable so far, except that I can't get d/l speeds of > 18Mbs, and the engineer who finally connected my phone today noted that I am "not set up for broadband".   It will be interesting to get to the bottom of that, but that is another story!

 

Thanks for the input, Michael.

 

 

Message 5 of 15
neiljt
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Following up on my earlier reply to TheEther, I have now tested with MTU of 1331, and this does not help.   I'll go back to the logs in the hope of finding more clues.

Message 6 of 15

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins


@neiljt wrote:

Then again my connection is a bit of a mystery package right now:  The modem connects using mode VDSL2 to what is supposed to be BT Infinity Plus.  

 


That doesn't sound right. As you say, a bit of a mystery package.

 

For a while Netgear removed the original firmware. It was back the last time I looked.

 

 

Message 7 of 15
neiljt
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Thanks to all who took the time to respond.

 

The solution was quick & simple in the end:   I returned the D6400, and replaced it with the Asus DSL-AC68U.  Magically, I can now once again reach the company VPN!

 

Farewell for now, Netgear!

 

--Neil.

Message 8 of 15
RiaanStols
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Hi,

 

I have exactly the same problem when connecting to my company’s network via VPN, it work for +-5mins then just dies. 

 

im using a Netgear D6400 V1.0.0.34_1.3.34 and cisco anyconnect VPN client

 

my old router is a Netgear N300 and it works 100% with no config needed. 

Message 9 of 15
zeuss
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Hi ,

Have the problem still there ?

Did you ever try enable QoS in QoS Setup page (just enable it) and see if it will help ?

Message 10 of 15
KeithReardon
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

I have the same issue with new D6400 router. Firmware is V1.0.0.44_1.0.44

I am able to use Cisco Any connect from my laptop but my Cisco VPN phone reconnects every 5 to 6 minutes.

There seems to be no problem connecting, the connection drops after 5 to 6 minutes. I have actually timed this and it is very regular.

I was not facing this with my old linksys modem. I have also connected the Cisco VPN phone to the WiFi from my mobile Hotspot and I don't see the problem.
Message 11 of 15
neiljt
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

@zeuss:

 

Sorry, only just saw this  🙂

 

Thanks for the suggestion, but at this point, I can't remember whether I tried that -- though I suspect  *not*, since it's not something that would have occurred to me to try.

I think you missed the part earlier in the thread where I said that replacing the unit with something quite different fixed my VPN issue.   The complete truth, as it turns out, is that the replacement modem/router (not a Netgear unit) is not without its own annoyances ... but a discussion of that here would be off-topic I think.

 

Straying ever-so-slightly off-topic anyway, I'm currently half-way through setting up a Vigor 130 VDSL modem with a Ubiquiti Edgerouter Lite, which, though not the cheapest solution, I'm hopeful will last for a few years.

Message 12 of 15
neiljt
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

@Keith:

 

Sorry to hear you're going through the same as I did.   I wish you the best of luck!

Message 13 of 15
zeuss
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Hi Keith,

 

Seems your problem is different from Neijit's, your AnyConnect is working ?

And for Ciscon phone, is it WiFi phone or an IP phone in LAN side ?  Did you ever disable SIP ALG in WAN Setup page ?

Message 14 of 15
zeuss
Aspirant

Re: Netgear D6400 with Cisco Annyconnect VPN -- Losing (some) Connectivity after 5 mins

Hi Neigit,

 

Sorry to here about that.

Actually, I also have a Cisco AnyConnect account and connect to my company but I did not see the same case.

Maybe it's different settings or VPN protocol between yours and my, but I don't know ...

Message 15 of 15
Top Contributors
Discussion stats
  • 14 replies
  • 6316 views
  • 0 kudos
  • 6 in conversation
Announcements

Orbi WiFi 7