DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

VPN Dial In Users Sloooooow after Firmware Update

More
20 May 2018 19:17 #91662 by hurtinger
Hi,

I have a Vigor 2925n+ set up with Ipsec over L2TP VPN with a set of 7 dial-in users. I have 2 WANs load balanced.

This has been working perfectly for 3 years and I've been reluctant to update the firmware for fear of breaking anything... as these dial-in users work remotely and must have access.

However, because of the latest security update I installed the essential update 3.8.8.2. All appeared to be well, until 30 minutes later when I was getting calls from my remote users that VPN wasn't working.

I tested myself, and found that the VPN does indeed connect, but the connection is so slow it's unusable. Without doing a traceroute I wouldn't know that it was live.

I was able to reach the web gui, which (although possibly a little slow) is completely usable.

My first thought was that DNS was at fault, but I have pinged http://www.bbc.co.uk and performed traceroutes which work.

Performing a: "curl ipinfo.io/ip" returns the correct external IP (we route all traffic through the VPN) but trying to load any website eventually fails due to timeouts.

When accessing these websites locally, on the LAN they load perfectly.

Does anybody have any idea which setting may be causing this?

Thanks in advance!

Please Log in or Create an account to join the conversation.

More
21 May 2018 07:06 #91663 by admin
Sorry to sound preachy...but not updating firmware for 3 years is a really bad idea for security reasons - there are regular improvements but also because if there is an issue,
it's really difficult to track down what/when changed - it covuld be 5 versions ago. The latest firmware is based on that immediately preceding and shouldn't have introduced any other changes so unless this is a coincidence or some other cause, it's probably some other change over the 3 years making the difference.
Maybe you could, very temporarily, go back ot the previous firmware to compare (take config backups before/after etc.).



Forum Administrator

Please Log in or Create an account to join the conversation.

More
21 May 2018 11:06 #91668 by hurtinger
Yeah, I realise I should've been updating more frequently really... It's a case of if it ain't broke don't fix it. My dial-in users require access so without a security bulletin requiring an update I was loathed to touch it.

On reflection this may not have been the best solution :(

Please Log in or Create an account to join the conversation.

More
21 May 2018 11:39 #91669 by hurtinger
Have dealt with telephone support who have passed this to second line support.

It appears as though this could be a bug...

Please Log in or Create an account to join the conversation.

  • johnleedham@coxagri.com
  • Offline
  • New Member
  • New Member
More
01 Jun 2018 17:05 #91907 by johnleedham@coxagri.com
Replied by johnleedham@coxagri.com on topic Re: VPN Dial In Users Sloooooow after Firmware Update
I have the same issue. Draytek 2860 with. Firmware was from 3.8.4.5 to 3.8.8. Giving me real issues.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami