L2TP/ipsec VPN connections drop on upload speed tests
L2TP/ipsec VPN connections drop on upload speed tests
My ER605v2 seems to drop LT2P/ipsec VPN connection every time a VPN client do a speed test (both Ookla and fast.com). The drop happens during the upload part of the speed test. I've tested from both a MacBook and an iPhone while be connected to my VPN server (ER605). I tried uploading four heavy files to Google Drive using a VPN connection, and that was not an issue. The issues seems to be related to speed testing only.
What could cause this? Some kind of FW protection that thinks the speed check is some kind of attack? I can't find anything useful regarding the disconnect in the log. The log just says the client disconnected. Could my ISP be causing this?
Its not a big issue, but I want to get to the bottom of why this is happening.
Best,
Markus
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Clive_A
I tried on a win laptop just now and the outcome is - as you suggested - a bit different. The vpn connection doesn't disconnect, but I'm unable to reach my router for a for a few seconds while doing the speed test.
(I pinged my router while doing the speed test, and I got three request timed out in a row, then pinging is successful again.
On the mac and iphone, the vpn connection fails and does not recover on its own.
markus
- Copy Link
- Report Inappropriate Content
Hi @markie83
Thanks for posting in our business forum.
markie83 wrote
Hi @Clive_A
I tried on a win laptop just now and the outcome is - as you suggested - a bit different. The vpn connection doesn't disconnect, but I'm unable to reach my router for a for a few seconds while doing the speed test.
(I pinged my router while doing the speed test, and I got three request timed out in a row, then pinging is successful again.
On the mac and iphone, the vpn connection fails and does not recover on its own.
markus
That looks like a drain of the session/bandwidth indeed.
- Copy Link
- Report Inappropriate Content
Hi @markie83
Thanks for posting in our business forum.
Try on a Win PC or Android and see if this happens or not.
Never seen this before. I assume it is not a problem with the router instead on your Apple devices.
Could be a drain of sessions. It cannot handle the bandwidth in the speed test as it drains sessions and bandwidth.
- Copy Link
- Report Inappropriate Content
Hi @Clive_A
I tried on a win laptop just now and the outcome is - as you suggested - a bit different. The vpn connection doesn't disconnect, but I'm unable to reach my router for a for a few seconds while doing the speed test.
(I pinged my router while doing the speed test, and I got three request timed out in a row, then pinging is successful again.
On the mac and iphone, the vpn connection fails and does not recover on its own.
markus
- Copy Link
- Report Inappropriate Content
Hi @markie83
Thanks for posting in our business forum.
markie83 wrote
Hi @Clive_A
I tried on a win laptop just now and the outcome is - as you suggested - a bit different. The vpn connection doesn't disconnect, but I'm unable to reach my router for a for a few seconds while doing the speed test.
(I pinged my router while doing the speed test, and I got three request timed out in a row, then pinging is successful again.
On the mac and iphone, the vpn connection fails and does not recover on its own.
markus
That looks like a drain of the session/bandwidth indeed.
- Copy Link
- Report Inappropriate Content
@Clive_A Its not that, I have a 10gig fiber, and the vpn dies the same, its a software bug. Its crashing or its just bad.
- Copy Link
- Report Inappropriate Content
Hi @briankwest
Thanks for posting in our business forum.
briankwest wrote
@Clive_A Its not that, I have a 10gig fiber, and the vpn dies the same, its a software bug. Its crashing or its just bad.
I will not make any further comments or explanations about how VPN works before you can show me a test in LAN to test its peak performance/throughput. As this is only a simple line of opinion.
I also expect your dialectic evidence, methodology and details to show me it is a "software bug". And the definition of the "software bug".
And, are you getting symmetric 10 gig Internet? And your detailed problem description.
I will check them before I report it to the dev or reply to correct if anything is misunderstood.
You may start a new thread to discuss this with me. I hope to see the thread soon and get it fixed soon.
- Copy Link
- Report Inappropriate Content
@Clive_A Here is how I've tested this:
Tests for VPN were done on an iPhone 14 Pro Max running iOS 17.5.1 and iPad M4 running iOS 17.5.1.
Router: ER8411 Fireware 1.2.1
Switch: TL-SX3206HPP Firmware 1.20.0
WiFI AP: EAP773 Firmware 1.0.13
iPhone 14 Pro Max
AT&T
Verizon
T-Mobile
WiFi
iPad M4
T-Mobile, Disconnects too on upload speed test. (No Video)
WiFi to iPhone, on Verizon, Speed Test doesn't cause the VPN to disconnect, seems to cause issues only on LTE/5G connections.
Mac Studio M2 Ultra Sonoma 14.5 (23F79)
Wired from my Desktop
https://drive.google.com/drive/folders/1lAdIBPWiFXj9fQ0170SfPhsrqwDBPT9_?usp=drive_link
The issue seems to be specific to iOS but the ER8411 doesn't log sufficient information as to why it was disconnected.
I suspect timeouts need to be adjusted but again lacking information.
What options do we have to crank up the debug of the VPN Sever so we can see this?
Thanks,
Brian
This
- Copy Link
- Report Inappropriate Content
Thisnis the best debug I can find.
- Copy Link
- Report Inappropriate Content
@Clive_A How can we get the config file the l2tpd uses on the router? I think Its a bug in the config, or the version the router runs, but I can't see to get the raw configs to validate my theories, I think the Dead Peer Detection (DPD) is to aggressive on a latent connection when its loaded.
/b
- Copy Link
- Report Inappropriate Content
Interesting to see that you have a similar issue, Brian. Watching...
markus
- Copy Link
- Report Inappropriate Content
@markie83 The issue seems to be only when its iOS on a 5g/LTE connection, when the VPN client is bound to that interface, I can teather to my phone on my laptop, and never see the issue, same with the iPad teathered. I've switched to using OpenVPN for my devices, but still keen on fixing this issue. Its so easy to replicate its kinda shocking that its not fixed yet. Replicating the issue is usually the hardest part of fixing it.
/b
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1174
Replies: 14
Voters 0
No one has voted for it yet.