1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can't connect to my company servers after Tomato or Thibor upgrade

Discussion in 'Networking Issues' started by hpsmartyz, Sep 16, 2007.

  1. hpsmartyz

    hpsmartyz LI Guru Member

    Hi all,

    I have just joined because I am seeking help for solving a problem
    for which I have absolutely no clue on how to do it.
    I have bought a GL after having had a G for several years.
    I have netscreen remote (Juniper) installed on my professional
    laptop and use it to connect to my company network. Once done,
    I launch for example Thunderbird which connects to my company
    imap server.
    I upgraded to Thibor15c and then switched to Tomato but encounter
    the same problem with both: I can connect to my company network
    with the vpn client but then servers seem unreachable (Thunderbird
    for example can't find the imap server). I can't neither ping any
    of the servers from my laptop.
    The strange thing however is that I can ping them with the ping
    tool of the GL. (same with trace route).

    I have tried any port forwarding I could think of but nothing changes.

    Note that this happens independently of the configuration of the GL.
    That is, with default config of Tomato and Tibor it does not work.
    As soon as I switch back to Linksys firmware it works.

    I would definitly welcome some help to get me out of this because
    Tomato looks really full-featured and with some that I would desperatly
    would like to have.

    thanks for your support
     
  2. Toxic

    Toxic Administrator Staff Member

    did you reset the GL when you upgraded the firmware? press the reset button for 30 seconds and reconfigure.
     
  3. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    do you mean after the upgrade to Tomato?
    I did not reset, no, but could it have an impact?
    But I did not reset neither when switching back to Linksys firmware and the VPN problem
    is not present.
     
  4. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    I was under the default firmware, did a reset, upgraded to Tomato
    did a reset (30s each time) and no change. VPN connects but
    servers are unreachable :(

    edit : small precision.
    when switching back to linksys fw it does not work, I need to do a reset for it to work.
     
  5. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    would anyone have hints on the problem which I could investigate?
    thanks
     
  6. frenchy2k1

    frenchy2k1 LI Guru Member

    make sure you have VPN passthrough enabled in Tomato?

    Do a tracert on an IP of your job after connecting the VPN and see where it blocks.
    sometimes, you have to tell windows which connection to use to reach an address. That can get messy quite fast...
     
  7. hpsmartyz

    hpsmartyz LI Guru Member

    Hi frenchy2k1,

    thanks for taking time :)
    Yes all VPN tunneling technologies are enabled.
    I did a traceroute to one of my company servers (from the 54GL web i/f)
    and nothing appears to be wrong but maybe you could tell me what to look
    for? Should I also try from my PC?
    I also thought that windows could be responsible but in fact I think no
    as everything works perfectly with default fw (and without any change to windows).
    By the way I have also tried with latest TalismanBasic and it is just the same.

    I would really like to get out of this dead lock :frown: and am I willing to
    work on it but I am really lost.

    thanks frenchy2k1 and others for your help

    :)
     
  8. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    no additional help? :frown:
    I found this thread. The guy has exactly the same problem than me except that me it happens
    with a third party firmware.
    Could it be linked to the fact that third party firmwares are "more" designed for 45G than 54GL?

    Strange thing happened tonight, I was able to ping both the gateway and DNS server of my company from the PC (while, again, I was able to ping inner company servers from the router) but some time after I could not anymore.
     
  9. mstombs

    mstombs Network Guru Member

    Have you tried lowering the MTU on your PC or router - The cisco vpn client I use uses 1420, my router/modem accept 1500, I wonder if the Linksys firmware has a different default?
     
  10. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    I did not try, but does the third party fws change the default MTU?

    by the way I tried putting my pc as the DMZ and this has no impact.
     
  11. mstombs

    mstombs Network Guru Member

  12. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    before I try, would a different MTU setting explain the fact that
    in once case (stock fw) I can reach my company servers from the pc
    and in the other case can not reach them but still "see" (ping, trace) them from my router ?

    thanks
     
  13. mstombs

    mstombs Network Guru Member

  14. Toxic

    Toxic Administrator Staff Member

    you can check MAX mtu by downloading tcpoptimizer (downloads section). part of the utility will allow you to check maximum MTU size for your connection.
     
  15. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    thanks to you both. I'll check the MTU.
    My guess is that the problem is between my PC and the router once the VPN is set-up.
    I checked the routing tables on my PC and they seem right.
    It looks like the router is not forwarding traffic from (W)LAN to WAN.
    I'll keep you informed.
     
  16. Toxic

    Toxic Administrator Staff Member

    what way are you trying to connect to the company servers? IP or domain/netbios names? perhaps WINS/DNS issue?
     
  17. hpsmartyz

    hpsmartyz LI Guru Member

    Hi,

    well in fact it is via thunderbird (for the imap server) and in the config it is a host name
    which is written. Don't think it is related to WINS/DNS.
    I do not know if it si usefull in the context but when I ping a server by its name from my PC, ping never works but at ping start the IP of the server is displayed in the first line. So IP / server name resolution is performed (unless it is stored somewhere on my PC which I doubt).
    Still I fail to understand why servers are reachable from the router and not the PC
    and what changes do 3rd party fw bring such that I can not connect from the PC anymore will it works perfectly with Linksys one.

    thanks
     
  18. hpsmartyz

    hpsmartyz LI Guru Member

    all,

    I found a work around.
    So even I it does not please me not to have solved the problem itself
    I am not limited anymore.
    The work around is the following:
    I connect to my company portal web i/f and there I have to use
    the identifiers I also use for the VPN. It connects me to my company network.
    And then miracle, if I launch Thunderbird it finds the imap server ...
     
  19. banther

    banther Guest

    Shame - I was hoping for a solution. I have almost exactly the same problem but here's a few more details:

    On my router I tried dd-wrt but that just kept hanging after a few minutes connected to the connected to the company vpn (pptp) so tried tomato which is much much better (thus far). The only problem I have is with thunderbird, it can't connect to the mail server. It used to work with the linksys firmware and everything still works if I switch back to Outlook (urgh).
    I've tried different MTU's - no joy.
    Very bizarre.
    Anyway - if someone comes across a real solution for this I would love to know!
    Thanks
     

Share This Page