VPN Interuptions
January 19, 2008 4:23 PM   Subscribe

How to research micro-interuptions in Internet Provider? My husband works over VPN, and he is experiencing frequent and random log-offs. We blame this on the ISP.

Originally, we had cable modem with Zonet router. After complaints from husband, I replaced Zonet with Linksys WRT-G. I got new Ethernet card for PC. And we switched to Earthlink DSL. We are running XP Prof.

Earthlink told us we could purchase Static IP address. However, they have complete amnesia on this point 6 months later and claim that our neighborhood cannot be assigned static IP addresses. Fortuneatly, they are not billing us for static IP.

I have researched this on Google many times, I have adjusted the MTU setting on the Linksys router. I have called Linksys and Earthlink.

I am looking for packet sniffer or IP logging software that will track all communication with ISP. I want to identify what happens when the VPN gets knocked off.

Can anybody suggest a course of action? Would Static IP make a difference?
posted by ohshenandoah to Computers & Internet (9 answers total) 2 users marked this as a favorite
What do the VPN client logs say? I don't think this is an earthlink problem. My guess is it's the VPN client timing out.

Static IP shouldn't make any difference. They aren't going to change your IP while you are connected.
posted by bhnyc at 4:37 PM on January 19, 2008

I have a guess as to what's going on, because I've experienced a similar problem.

Some versions of the Linksys WRT-G have a problem with VPN overloading the factory firmware. I believe it's something with to do with the ARP tables being stored forever. When you create a VPN connection, the hardware on the router can't handle it and craps out.

The router should have a label with a version number next to the model number. The V6 and V7 are the crappiest, since they gutted the hardware in those versions. My guess is you have one of those. There's a fix if you do. You can flash the firmware on the router with DD-WRT, a Linux based custom firmware. It doesn't have those problems. In fact, it will improve your router quite a bit. The wiki is here.

I've had great luck with doing this myself. Make sure you read all that you can about it first! It's a bit risky, but worth it. When you're done, you'll end up with a router with high end features that doesn't crash.

Let me know if this works, or if you have any questions that aren't answered on that site!

btw, I don't think this is related to static IP. Your session wouldn't drop the VPN in that case, as far as I know.
posted by dosterm at 4:47 PM on January 19, 2008

Have you tried doing simple ping tests and traceroutes? You can do both from the Windows command line.

Gateways with VPN's usually don't respond to pings since they are meant to be secure, but the next upstream gateway from the destination would probably respond.

If you have a continuous ping going and experience a VPN breakdown the ping should start failing as well if the ISP is the problem. If the VPN goes down and the ping test is still returning from the remote gateway, maybe the ISP is not the problem.

Also, there are many intervening networks and 'ISP's' between your router and the destination. If there's some kind of routing issue, it could be happening outside of your ISP's network. Traceroute tests can help test this.

There are free utilities that can do these tests. You should do a traceroute to the destination, then set up a ping test to one of the hops near the VPN destination and then see what happens when the VPN fails. That will tell you a lot.

If the VPN is down and you do a new traceroute and get the same result, then it would be hard to assume that the ISP is at fault.
posted by D-ten at 5:02 PM on January 19, 2008

Wireshark (formerly Ethereal) is the packet sniffing software you're asking for. Be warned, though, it's hard to figure out what's going on this way. Particularly for an encrypted VPN connection.

If the VPN is disconnecting only when idle, my initial guess is to blame your router's NAT state table. Some routers drop entries alarmingly quickly. The solution for that (if you can't configure the router) is to try keeping some idle no-op traffic on the VPN at all times. Another solution is to get a Linksys WRT54GL and flash it with a third party firmware like Tomato that isn't stupid.

VPN is a common ISP support issue; it may be worth asking Earthlink.
posted by Nelson at 6:24 PM on January 19, 2008

Thanks for excellent responses

Very often, the VPN disconnects while Husband is actively working, in the middle of keystrokes. Infuriatingly, at other times it can keepalive a connection for 20 hours.

D-ten, what are some of the free utilities-- can they run traceroute and ping in the background, logging the activity?

Our router is Linksys WRT54GL. I will look into the 3rd party firmware.

posted by ohshenandoah at 9:07 PM on January 19, 2008

Directly connect your husband's computer to the DSL line. If you still get interruptions, please mail me directly.
posted by effugas at 11:19 PM on January 19, 2008

The cause may be your router. It...may not.
posted by effugas at 1:12 AM on January 20, 2008

Yikes. Dosterm's suggestion might be a good one for some folks, but not for you. For one thing, you can permanently break that router. Second, your warranty is void, so don't expect to be able to call Linksys again, and don't expect customer support at any other of your vendors (like your ISP or the manufacturer of your computer) to be able to walk you through troubleshooting anything on that Linksys in the future.

Also, you appear to have had the interruptions-problem with both the Linsys router and the router before it. Therefore, it cannot be the router right?

To answer your question: A free packet capturing tool is Wireshark. It does what you ask. The question is, what are you going to do with the logs after you have the interruptions-problem? The logs this will produce are for network engineers, or at least very technically-inclined people. They're not going to say "it's your ISP".

Now to give you a better answer: Stop trying to fix this yourself. Just because you can Google something does not mean you are qualified to diagnose it and fix it. Your husband should get his IT department on the phone. Tell them "I experience frequent and random dropoffs".

I manage VPNs for people among other things. When a user tells me that, I have logs I can open and look at my side of the VPN, a firewall, my own version of Wireshark. All of these things will tell me if all their VPN traffic is getting to me, and whether it stops coming at various times. I could also walk the user through checking the same thing on their side. As mentioned by someone above, the VPN client on your computer will also have logs.
posted by poppo at 4:47 AM on January 20, 2008

Since it's a WRT54GL I would recommend the Tomato firmware rather then dd-wrt. It's easier to use and more stable in my experience. You can also get a version with OpenVPN.
posted by robofunk at 1:28 PM on January 20, 2008

« Older Standalone NAS recommendations?   |   Stop my tree swing from twisting! Newer »
This thread is closed to new comments.