S2S VPN Dropping GroupWise Connection

Similar Messages

• Internet sessions, VPN session, and connections dropping frequently

  I'm in an apartment. This problem started about a week ago. All of my browser sessions, vpn session, and connections such as AIM or netflix drop frequently. I often have to click links twice to get a page to load. I have to reload videos a lot to get them to continue to stream. I am constantly signing in and out of AOL IM.
  I believe the problem has to do with several MoCs (coax connections) listed on my router page, and these MoCs have names of other people on them. Until I noticed them a week ago, I had only seen one MoC belonging to me listed on the router connection page.
  Thus, I think that something got crossed up of misconfigured in the ONT for my apartment complex. The gateway light on my router stays green as all of these problems happen.
  Pinging google.com, I get
  --- google.com ping statistics ---76 packets transmitted, 55 packets received, 27.6% packet lossround-trip min/avg/max/stddev = 31.282/39.339/48.217/3.548 ms
  Anyone seen this before and know how to get verizon to fix this?
  I have had nothing but problems with FIOS since getting it, and I have wasted a lot of time with their "customer support."

  I am sorry to hear about your connection problems. I have sent you a private message so we can get your information and look more deep into your connection.
  Anthony_VZ
  **If someones post has helped you, please acknowledge their assistance by clicking the red thumbs up button to give them Kudos. If you are the original poster and any response gave you your answer, please mark the post that had the answer as the solution**
  Notice: Content posted by Verizon employees is meant to be informational and does not supersede or change the Verizon Forums User Guidelines or Terms or Service, or your Customer Agreement Terms and Conditions or plan

• Border Manager 3.8.5 and S2S VPN

  I have a couple of questions with Border Manager and S2S VPN. Everything
  is up and running, we can ping both servers (Netware 6.5.6), we can ping
  workstations attached to each others network, we can access programs from
  each others network. Everything seems to be working great. The question I
  have is this - on both servers, under Remote Manager, VPN Monitoring, both
  show as 'Being Configured'. I do not think that this is an issue but there
  is another error in the Audit Log. The error -
  "Proposal Mismatch - Quick Mode: ESP - transform mismatch mine: esp des
  his: esp 3des dst: xx.xx.xx.xx src: xx.xx.xx.xx cookies
  my-his:17B2D88772DE1D61 - 4F15FFD50824F821".
  This appears on both servers Audit Log.
  Is this a legit error or a information error? I used Craig Johnson's 'A
  Beginner's Guide To BorderManager 3.x' but ended up making both VPN's
  masters as per Novell TID - 10095268.
  If anyone has an insight as to what these errors are and if there is a
  fix it would be greatly appreciated.
  Kelly

  Kelly Burnside wrote:
  > I have a couple of questions with Border Manager and S2S VPN. Everything
  > is up and running, we can ping both servers (Netware 6.5.6), we can ping
  > workstations attached to each others network, we can access programs
  > from each others network. Everything seems to be working great. The
  > question I have is this - on both servers, under Remote Manager, VPN
  > Monitoring, both show as 'Being Configured'.
  Sometimes the imanager snapin can not get the current status of the
  connection from vpinf so it shows 'Being Configured'. It can take some
  times, maybe days to change the status.
  I do not think that this is
  > an issue but there is another error in the Audit Log. The error -
  > "Proposal Mismatch - Quick Mode: ESP - transform mismatch mine: esp des
  > his: esp 3des dst: xx.xx.xx.xx src: xx.xx.xx.xx cookies
  > my-his:17B2D88772DE1D61 - 4F15FFD50824F821".
  This is not an error, it is an information message.
  > This appears on both servers Audit Log. Is this a legit error or a
  > information error? I used Craig Johnson's 'A Beginner's Guide To
  > BorderManager 3.x' but ended up making both VPN's masters as per Novell
  > TID - 10095268. If anyone has an insight as to what these errors are
  > and if there is a fix it would be greatly appreciated.
  > Kelly
  Everything is fine, nothing to be worry about.
  gonzalo

• S2S VPN only works in one direction

  I'm very new to cisco devices but we recently acquired a catalyst 2911 device for our co-lo cabinet and I am trying to get a site-to-site vpn connection working between the facility and my offices network as well as a remote access VPN for me to use in case I have to fix something while outside of the office. 
  The office's gateway is 66.119.163.2 and the device is a TZ210 with it's LAN network being 192.168.1.0 /24
  The co-los gateway is 204.244.50.254 and the device is an ASR 2911 with it's LAN network being 10.0.10.0 /24
  The S2S VPN connection is up between the two locations and the 2911 device and the servers within it's LAN can ping and RDP to the office's machines.  The office network can only ping the LAN interface IP on the 2911 which is 10.0.10.1 but not the servers in the network.  the site-to-site VPN was set up with the CCP wizard.
  How can I allow the 192.168.1.0/24 network to see the 10.0.10.1/24 network and why do I only currently see the gateway?
  If need be I can post my running-config file with the preshare keys redacted. 

  I would suggest that you change your vpn client pool to be in a totally unique subnet.
  For example:
  10.20.20.0/24
  ip local pool SDM_POOL_1 10.20.20.200 10.20.20.250
  Then a few ACLs to be modified:
  access-list 101 permit ip 10.10.10.0 0.0.0.255 any
  access-list 105 permit ip 10.20.20.0 0.0.0.255 10.0.10.0 0.0.0.255
  access-list 105 permit ip 10.20.20.0 0.0.0.255 10.10.10.0 0.0.0.255
  ip access-list extended 106
     5 deny   ip 10.0.10.0 0.0.0.255 10.20.20.0 0.0.0.255
  ip access-list extended 107
     5 deny   ip 10.0.10.0 0.0.0.255 10.20.20.0 0.0.0.255

• Certificate based S2S VPN

  Hi all!
  Please give me advice in the problem below:
  Exist a device in the Small business portfolio which allows certificate based authentication (not only PSK) in S2S VPN?
  Or which is the first/cheapest device that support this function?
  We have to connect a device (remote site) to a Checkpoint firewall (central site) over S2S VPN.
  On the remote site NO fixed IP address. And our contact person sad,  the Checkpoint support this type of connection only with certificate.
  (PSK is not allowed, only with fixed IP)
  Thanks,

  You are on the right track. Client certificates plus OTP authentication methods is one of the most secure ways to setup remote access VPN on the ASA.
  For revocation, the ASA will generally check the CRLs on the issuing CA. (or in rare cases use OCSP)
  For your second post, you use connection-profiles (i.e. pre-login selection) to configure the different authentication methods for your two (or more) use cases.
  You might want to invest in the certifcation guide for the CCNP VPN exam: 
  CCNP Security VPN 642-648 Official Cert Guide (2nd Edition)
  Even though that exam is being retired next month, it has a wealth of information that complements the configuration guides with a more comprehensive explanation of just the type of questions you are asking.

• Remote VPN drop

  Hi, ..
  There are Multiple Remote access connections comes to my VPN Concentrator.
  each remote office whos connected to my VPN can just connect with ONE PC only.
  when he tries to use VPN software to create new connection he success BUT the first drop.
  the solution was to Create Microsoft VPN Connection so that more than one person can connect from each office.
  I need to let them connect using Cisco VPN Software NOT microsoft.

  Hello,
  Could you use the firewall/router connecting your remote sites to the internet to setup a LAN-to-LAN VPN?
  In case this is not possible, did the clients configure "Enable Transparent tunneling" with IPSec over UDP? It somehow sounds like a NAT/PAT problem in conjunction with "VPN passthrough" on lower end DSL/cable routers. They might only support one IPSec tunnel at a time.
  The transparent tunneling can be configured in the client through "Connection entries -> Modify" and then a new window pops up where you can select the "transport" tab and enable transparent tunneling with UDP.
  Hope this helps! Please rate all posts.
  Regards, Martin

• WatchGuard S2S VPN very slow

  Hi guys,
  I have created a site to site VPN between my WatchGuard XTM firewall and MS Azure static gateway. The VPN connects without any issues, but I noticed the file transfer speeds to my servers (via SMB) are very slow. Most of the time it peaks at 350KB/s, sometimes
  it hovers around 70KB/s. I have 200Mbps fibre link that is not saturated at all.
  sometimes it reaches 3-5MB/s, but it is rare and random.
  I'm located in Sydney Australia, the Virtual network is in the UK. I tried to test the Netherlands and Sydney data centres, same exact problem, very poor performance.
  Anyone having similar issues with S2S VPNs?
  Thanks,
  Ib

  Hello Code_Jax,
  1. Have you created the Azure resources in the same data center region?
  2. Is the region that you have chosen close to your On-premise network?
  I suggest that you change the region where you have deployed your Azure Resources and check if you get the same Performance.
  I also suggest that you use Netmon to  and analyze network traffic. You can follow the link below to download Netmon:
  https://www.microsoft.com/en-us/download/details.aspx?id=4865
  Thanks,
  Syed Irfan Hussain

• IPsec S2S VPN Encap/Decap

  hi,
  i created a S2S VPN and the ASA2's internet connection isn't that good and some packet losses would be 'normal'.
  i'm not sure if that relates to the unequal encap/decaps on my 'sh crypto ipsec sa' output.
  is the below reading normal?
  ASA1:
        #pkts encaps: 129766, #pkts encrypt: 130193, #pkts digest: 130193
        #pkts decaps: 90306, #pkts decrypt: 90306, #pkts verify: 90306
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 129766, #pkts comp failed: 0, #pkts decomp failed: 0
        #pre-frag successes: 427, #pre-frag failures: 0, #fragments created: 854
        #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 29
        #TFC rcvd: 0, #TFC sent: 0
        #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
        #send errors: 0, #recv errors: 0
  ASA2:
   #pkts encaps: 533, #pkts encrypt: 533, #pkts digest: 533
        #pkts decaps: 600, #pkts decrypt: 600, #pkts verify: 600
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 533, #pkts comp failed: 0, #pkts decomp failed: 0
        #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
        #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 36
        #send errors: 0, #recv errors: 0

  Hi,
  I don't think there is anything unusual about the packet count being different for decaps/encaps
  I would imagine that typically the data transfer is uneven so I don't expect ever to see these counters match. Only time is usually when just configuring a new connection and testing it with ICMP which would result in identical count in encap/decap counters (if the ICMP went through) as we would see echo/echo-reply packets.
  If you would see zero counter on one of the SA pairs then it would indicate a problem
  I don't see anything special/strange in the above.
  - Jouni

• Users VPN drops after every 5 mins

                     Hi everyone,
  We have user whose remote VPN drops after every 5 mins.
  Need to know whats things i can check to troubleshoot the issue?
  User connects by RSA Token.
  ISP connection is ok its not issue.
  Any thing i can check in ASA ?
  Thanks
  Mahesh

  On the client side, have you tested wired vs wireless to see if the problems exists in both?  If it's only one of them but not the other, try updating the drivers.  Also, if it's windows 7, take a look at the power settings in control panel.  I've seen where agressive power settings will shut off the network port when idle.  Not that big of a deal in a LAN environment but it wreaks havoc on VPN.

• Troubleshooting VPN drops between 871 client and 2811

  My small company uses a 2811 ISR for VPN services (among other tasks such as internet access, p2p circuits to a second site, etc). I have a couple of remote users that have 871 routers that have occasional problems with their routers dropping their VPN tunnels to the 2811. I'm not really sure where to start with the troubleshooting. There are other clients (such as my own 871W) that seem to maintain a connection for weeks. These remote routers that do drop the connection usually reconnect at their next schedule attempt (180 seconds or so.)
  Most of the previous questions I've seen similar to this involve software clients but these are hardware routers as the clients and as such I'm not sure how to enable or retrieve logs for the VPN sessions.

  As expected, the isakmp lifetime is 86400, but for ipsec it merely reports how much time is left in the current sa.
  For example:
  router#show crypto isakmp policy
  Global IKE policy
  Protection suite of priority 3
  encryption algorithm: Three key triple DES
  hash algorithm: Secure Hash Standard
  authentication method: Pre-Shared Key
  Diffie-Hellman group: #2 (1024 bit)
  lifetime: 86400 seconds, no volume limit
  Default protection suite
  encryption algorithm: DES - Data Encryption Standard (56 bit keys).
  hash algorithm: Secure Hash Standard
  authentication method: Rivest-Shamir-Adleman Signature
  Diffie-Hellman group: #1 (768 bit)
  lifetime: 86400 seconds, no volume limit
  router#show crypto ipsec sa
  interface: Virtual-Access4
  Crypto map tag: Virtual-Access4-head-0, local addr 209.XXX.XXX.82
  protected vrf: (none)
  local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
  remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
  current_peer 75.XXX.XXX.179 port 4500
  PERMIT, flags={origin_is_acl,}
  #pkts encaps: 681527, #pkts encrypt: 681527, #pkts digest: 681527
  #pkts decaps: 670316, #pkts decrypt: 670316, #pkts verify: 670316
  #pkts compressed: 0, #pkts decompressed: 0
  #pkts not compressed: 0, #pkts compr. failed: 0
  #pkts not decompressed: 0, #pkts decompress failed: 0
  #send errors 1, #recv errors 0
  local crypto endpt.: 209.XXX.XXX.82, remote crypto endpt.: 75.XXX.XXX.179
  path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1
  current outbound spi: 0xF0C2D65C(4039300700)
  inbound esp sas:
  spi: 0x2A7171E4(712077796)
  transform: esp-3des esp-sha-hmac ,
  in use settings ={Tunnel UDP-Encaps, }
  conn id: 4093, flow_id: NETGX:2093, crypto map: Virtual-Access4-head-0
  sa timing: remaining key lifetime (k/sec): (4577435/1047)
  IV size: 8 bytes
  replay detection support: Y
  Status: ACTIVE
  inbound ah sas:
  inbound pcp sas:
  outbound esp sas:
  spi: 0xF0C2D65C(4039300700)
  transform: esp-3des esp-sha-hmac ,
  in use settings ={Tunnel UDP-Encaps, }
  conn id: 4094, flow_id: NETGX:2094, crypto map: Virtual-Access4-head-0
  sa timing: remaining key lifetime (k/sec): (4572865/1027)
  IV size: 8 bytes
  replay detection support: Y
  Status: ACTIVE
  outbound ah sas:
  outbound pcp sas:

• S2S VPN - ASA 5505 to ASA 5540 - Routing Problems

  I'm a software developer (no doubt the issue) trying to setup my remote office (5505) to the main office (5540). No problem getting the S2S VPN up, but I definitely have problems with the routing. Using tracert, it shows it going into the remote network for a couple of hops, but then timing out. Packet tracer shows everything is fine. Using my client VPN credentials to the remote network, same on the return path...does a few hops, then gets lost. I've stripped down the config to the basics and ensured it isn't security settings on both ends, but still doesn't work. I've spent A LOT of hours trying to get this to work, so thanks for any assistance!
  Current running config:
  ASA Version 8.2(5)
  hostname asa15
  enable password XXXXX encrypted
  passwd XXXXX encrypted
  names
  name 10.0.0.0 remote-network
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif inside
  security-level 100
  ip address 172.16.5.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
  ftp mode passive
  access-list outside_1_cryptomap extended permit ip 172.16.5.0 255.255.255.0 remote-network 255.0.0.0
  access-list inside_nat0_outbound extended permit ip 172.16.5.0 255.255.255.0 remote-network 255.0.0.0
  access-list inside_access_in extended permit ip 172.16.5.0 255.255.255.0 remote-network 255.0.0.0
  access-list inside_nat0_outbound_1 extended permit ip 172.16.5.0 255.255.255.0 remote-network 255.0.0.0
  pager lines 24
  logging enable
  logging asdm informational
  mtu outside 1500
  mtu inside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm location remote-network 255.0.0.0 inside
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound_1
  nat (inside) 1 0.0.0.0 0.0.0.0
  access-group inside_access_in in interface inside
  route outside 0.0.0.0 0.0.0.0 99.X.X.7 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 172.16.5.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 3600
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set peer 99.X.X.7
  crypto map outside_map 1 set transform-set ESP-AES-128-SHA
  crypto map outside_map 1 set reverse-route
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 28800
  vpn-addr-assign local reuse-delay 5
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  dhcpd address 172.16.5.100-172.16.5.130 inside
  dhcpd auto_config outside interface inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics access-list
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  webvpn
  tunnel-group 99.X.X.7 type ipsec-l2l
  tunnel-group 99.X.X.7 ipsec-attributes
  pre-shared-key XXXXX
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
  message-length maximum client auto
  message-length maximum 512
  policy-map global_policy
  class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  : end

  just out of curiosity, why do you have
  route outside 0.0.0.0 0.0.0.0 99.X.X.7 1
  You already set your default route through DHCP setroute under the interface. this could be the issue.
  If your VPN config is ok and you are seeing encaps/decaps, it is likely a routing issue.
  Does the remote device have the correct default gateway?
  May be a Natting issue if you have a one-way tunnel (usually send but no receive)...
  Patrick

• Remote access VPN client gets connected fails on hosts in LAN

  Hi,
  VPN client gets connected fine, I have a inter VLAN routing happening on the switch in the LAN so all the LAN hosts have gateway IP on the switch, I have the defult route pointing to ASA inside interface on the switch, the switch I can reach after Remote Access VPN is connected how ever I cannot ping/connect to other hosts in the LAN and if I make the gateway point to the ASA then that host is accessible, any suggestions? I really want to have gateway to be the Switch as I have other networks reachable through the Switch (Intranet routing)

  Hi Mashal,
  Thanks for your time,
  VPN Pool(Client) 192.168.100.0/24
  Internal Subnets 192.9.200.0/24(VLAN 4000) and 192.168.2.0/24 (VLAN 1000)
  =============
  On the Switch
  =============
  Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route
  Gateway of last resort is 192.168.2.5 to network 0.0.0.0
       172.32.0.0/24 is subnetted, 1 subnets
  C       172.32.0.0 is directly connected, Vlan101
  C    192.168.200.0/24 is directly connected, Vlan2000
  C    192.9.200.0/24 is directly connected, Vlan4000
  S    192.168.250.0/24 [1/0] via 192.9.200.125
  S    192.168.1.0/24 [1/0] via 192.9.200.125
  C    192.168.2.0/24 is directly connected, Vlan1000
  S    192.168.252.0/24 [1/0] via 192.9.200.125
  S*   0.0.0.0/0 [1/0] via 192.168.2.5
  ===============
  On ASA
  ===============
  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
         i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
         * - candidate default, U - per-user static route, o - ODR
         P - periodic downloaded static route
  Gateway of last resort is 172.32.0.2 to network 0.0.0.0
  C    172.32.0.0 255.255.255.0 is directly connected, outside
  C    192.9.200.0 255.255.255.0 is directly connected, inside
  C    192.168.168.0 255.255.255.0 is directly connected, failover
  C    192.168.2.0 255.255.255.0 is directly connected, MGMT
  S    192.168.100.2 255.255.255.255 [1/0] via 172.32.0.2, outside
  S    192.168.100.3 255.255.255.255 [1/0] via 172.32.0.2, outside
  S*   0.0.0.0 0.0.0.0 [1/0] via 172.32.0.2, outside
  We don't need route print on the PC for now as I can explain what is happening I can get complete access to the 192.168.2.0/24 (VLAN 1000) but for 192.9.200.0/24 (VLAN 4000) above from the switch I can only ping IP's on the switches/pair but cannot have any tcp connections, which explains the default route being pointed on the switch is on VLAN 1000, now my issue is How do I get access to VLAN 4000 as you can see these two are on different Interfaces/zones on the ASA and please note with default gateway pointing to ASA I will have access to both the VLAN's it is only when I move the gateway pointing to Switch I loose tcp connections to one VLAN depending on the default route  on the being pointing to on the switch.
  So we are left to do with how to on the switch with default route.

• My i Phone drops WiFi connection after just a few minutes and wont reconnect unless I reset the network settings and reboot the  phone?

  My i Phone 4s has suddenly started to drop wifi connection after nealy months of near perfect connections?
  To restore a wifi connection I have to reset the network settings and restart the phone, this only fixes the issues for around 2-3 mins?
  Other quick fixes like switching wifi on and off/ switching to airoplane mode for a few secconds have no impact.
  This is really annoying as I am using my data allowence very quickly, and as the phone is continually searching for a wifi connection the battery time has reduced dramatically.
  I just wondered if any one else has the same issue, and any suggestions as to how I can fix this.
  Thanks in Advance

  Reboot.
  Restore (from backup)
  Restore (as new)
  Test after each step. If one of them doesn't fix the problem, make an appointment at the genius bar.

• MacBook Air + Time Capsule  frequently dropping internet connection

  I too have been having frequently dropped wireless connections between my MacBook Air (MBA) and my Time Capsule(TC). My TC is connected to a cable modem and I also have an Airport Extreme Base Station (AEBS) at a different part of my house which is used to extend my network connecting via ethernet to a PC running VISTA, and wirelessly to a printer and an older MacBook. I also connect wirelessly to my home network with two iPhones, a Squeezebox 3 with a server running on the PC. I have an Apple TV and a Squeezebox 2 connected to my TC via ethernet.
  When my connection drops I will either see a Time Capsule disconnect message or if I am surfing the web, the browser just hangs. The wireless ICON strength is still pegged a the max level. None of my other devices (wireless or ethernet) connected to the TC or the other AEBS seem to drop their internet connections. I can re-establish the connection on my MBA by either turning off my MBA's Airport wireless and then turning it back on or by running the network diagnostics. The latter method usually shows green lights for all but the "Internet" and the "Server" which will have yellow lights. Usually when I select my wireless network and press continue, it will prompt for my WPA2 password which I have to reenter even though I always check the box for it to remember the password in the keychain.
  After reading the various discussions on disconnect problems and trying the various "solutions" I was still having the disconnect problem.
  Last night, I decided to turn off my Time Capsule and was then able to maintain an internet connection for considerably longer than before. Perhaps it was one of the other "solutions" that caused that. After turning my TC back on, the disconnect problem reoccurred within about 5 minutes.
  Next, I did my too frequent Time Capsule remedy which was to disconnect the power and then reconnect the power. (Seems like some of these devices (APPLE TV included) could use power switches.) I then deleted the .sparsebundle backup file on the Time Capsule. I was then able to restart Time Capsule backup and things have been running uninterrupted for over 12 hours...still backing up (20GB in 12 hours? Doesn't seem very fast!). I can report back later if this actually "fixes" my disconnect problems in the future. I am dubious that it will.
  I have several questions about the MBA and the TC/Time Machine backup operation.
  1.) I often forget about the TC when I close the lid on my MBA and haul it off to work. At work (connecting via ethernet), I will eventually get a TC disconnect error. But I am wondering if there are points in the backup process where a random disconnect will cause some sort of TC corruption. What is the recommended way of handling this? Should I always stop the Time Machine backup before turning off my MBA? (A nuisance if so!)
  2.) What is happening when the TC backup operation stops functioning and hangs up the MBA's internet connection? (I see lots of messages logged in the system log when this happens; but, of course, I don't have much of a clue of which ones are normal and which are not normal. I could send a copy of the logs when it happens next (I am assuming it will).
  Also one other anecdote. A few months back, I had taken another AEBS to my work to use during a training conference. My MBA kept dropping its connection while the other PC laptops in the room maintained their connections...(very embarrassing!). Maybe one of the other "solutions" would have fixed the problem or maybe if I had just turned off my Time Machine backup it would not have disconnected. I will repeat that exercise when I get a chance now that I have some things to try.
  It seems pretty clear to me from my own experiences and the discussion reports of others that the disconnect problem lies in the MBA's wireless internet connection software or the configuration of it. It seems like it is having difficulty recovering from various wireless connection "mishaps".

  Folks, I was having a very similar problem for the last 6 months. My connection was fine until June 2008, after which my Macbook and my Time Capsule would constantly conflict. If I rebooted or reset the TC, or the MB, things would be fine for a few minutes or sometimes a few hours and the problem would recur soon thereafter. About a month ago, I had to do a clean reinstall and the problem vanished for about 5 days, after which it reappeared. My MB never had a problem at work, or at someone else's home or with other routers, only with TC. Apple sent me a new TC, then they replaced my Airport card but the situation did not change ... UNTIL ABOUT AN HOUR AGO.
  An hour ago, I called Apple for the nth time in the last 6 months, and the rep heard me out (just like the previous n-1 reps). He then asked me to to System Preferences --> Accounts --> Login Items and asked if Real Player Downloader showed up in my list. Indeed it did. He asked me to remove it, and told me that Apple had just figured out that the Real Player downloader was recently found to be causing a drop in the connection between Macbooks and the TC (as well Airport Express).
  The problem I've been having baffled everyone. All the previous reps, the guys at the Genius Bars, nobody had a clue. Joe (the rep I spoke with this morning) seemed very confident that the removal of the Real Player Downloader from the list of login items would resolve the problem. So far, so good. My connection seems solid (its only been an hour, but earlier it would drop after 5 minutes of use).
  I hope my problem that (literally!) used up hundreds of hours of my time has been finally resolved. I hope this solution will work for at least some of you as well. What gives me hope is that this solution is logically consistent with the history of my problems. I probably first downloaded Real Player in June 2008. And when I did a clean install, I remember downloading Real Player a few days after the reinstall. So I'm pretty hopeful that my issue has been finally resolved.
  Shame on Real Player for putting out a defective piece of software. And thank you Joe!

• Loop drops when connected wireless (NI 9191)

  Hi,
  I cannot figure out why a NI cDAQ 9191 chassis has connection drops when connected wireless and works
  perfectly when connected thru LAN.
  I wrote a little test VI to check the connection accuracy. The chassis has a NI 9375 I/O module plugged in.
  A Moxa AWK3121 is used as wireles access point. What I do is check 5 digital inputs and control 3 digital outputs.
  The outputs are continuously placed on/off at a different rate. I use an event loop and a main loopt that communicates
  to the chassis at a loop rate of 10ms.
  The chassis, laptop and Moxa A.P. are all close together on my desk. The Wifi signal is excellent.
  Now, the code i written is probably not optimal.
  But...  If I start with connecting the chassis with a LAN cable to my laptop, Wifi Disabled, Linked Local. The communication is perfect.
  No drops between the loops and the real time.        
  No communication errors. Runtime was 52 minutes.
  Second test. Connected the chassis to the Moxa A.P. with LAN cable. Laptop connected wireless to the Moxa A.P.
  Chassis still in Link Local. Ik can access the chassis in MAX. No problem.
  When I run my test, I immediately see loop pauzes. After one minute there can be already a difference of 20 sec.
  between calculated looptime and real time. Sometimes the active light on the chassis goes off and on.
  When the active light is out, the loop is on hold. (Wich is normal as I assume the DAQ VI's are waiting for response.)
  After appr.10 minutes the error -50405 "No Transfer in progress because transfer was aborted by client".
  If I look at the timings there is already a difference of more then 5 minutes between the loop timing and the real time.
  As last I tested with the chassis and the PC connected wireless to the Moxa A.P.
  I did not get the -50405 error, but again loop drops. After 10 minutes there was a shift of 2 minutes.
  Has anyone experience with wireless connections with the NI 9191 chassis?
  Can I change my code? Did I mis something? (I'm a newbie to Labview)
  Any help or suggestions would be appreciated.
  Thanks in advance.
  Frankie.
  Labview 2014 SP1 (32bit) on Windows 7 Enterprise (X64)
  Chassis and Moxa all updated to the latest firmware.
  Solved!
  Go to Solution.
  Attachments:
  Chassis919Tester.vi ‏51 KB
  Symmetrical_Pulse_Generator.vi ‏55 KB

  I am not clear on whether you are connecting the two together "in it's own little network" (which implies "router" and not "AP") or if you are connecting to the LAN through the wireless device (in which case it is entirely appropriate to refer to the wireelss device as an "AP").  Your last post about hot spots is what confused me.
  But as you said, the biggest worry is the active light.  Try using a different router/AP.  I've seen routers overheat and reset themselves before due to inadequate heat sinking.  i.e., Someone (not me, I swear!) dropped the AP and knocked the heat sink off the chip.
  As for the delay, if you are indeed using the Moxa as an AP, are you sure you're connecting to your AP?  If you're connected to a hotspot instead, your throughput will be at least halved - and maybe even 1/4 bandwidth if your AP happens to have connected to a different hotspot than you did.  If you are using it as a router, try differnt bands or channels to see if you can get around any interference your company wireless network might be generating.
  In general, conclude that wireless isn't the best way to connect test devices together.
  Bill
  (Mid-Level minion.)
  My support system ensures that I don't look totally incompetent.
  Proud to say that I've progressed beyond knowing just enough to be dangerous. I now know enough to know that I have no clue about anything at all.