Recently Verizon switched out my Actiontech Router for a Westell 9100 and my VPN connection does not work? Seems like it connects. In fact it say connected to my office server but I cant ping the machine. Times out.
So the question is what changed? Do I need to open some ports? And if so how do I do that. My IT guy at the office can connect at his house without a problem. The VPN is a Sonic Wall tz-170
Thanks for any guidance
Thanks for the responses. Portforward does not have the Westell 9100 listed. Out IT person states the tz 170 needs UDP500 iPsec. Verizon has just thrown up there hands and said we cant help you even though this worked fine when I had an Actiontech Router. Not sure where to go? I can get into the router web interface but dont know what to change?
Any more ideas?
If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.
The 9100 from what I read is a better router then the Actiontec but may have some firewall features that could cause issues with some VPNs.
Verizon support page shows two different 9100 routers. The 9100EM has a quality of service setting that can be changed to give priority to VPN and HTTP
The default User guides page does not show the 9100 routers. The links on the sidebar for network user guides does have this link.
Also note the following feature that could cause VPN issues if it is turned on.
Block IP Fragments This option can prevent hackers from using fragmented data packets to possibly
sabotage your network. Note: Some VPN and UDP services use IP fragments, and
this feature may need to be disabled. If you have questions about this feature, check
with Verizon technical support. It is disabled by default.
Verizon FiOS Router (Model 9100EM) User Guide
15.12 ProtocolIf you click Advanced in the top navigation menu and then select the Protocol link, the following screen will
appear. For your convenience, the Router supports protocols for Applications, Games, and VPN-specific programs.
The following chart provides port/protocol information for the supported services. The Protocol screen allows you to
select the desired view: Basic Service and Advanced Service. The following sections explain the features of each
Ok. So I looked at those two threads and no help so far. BTW everything works just fine on the laptop from anywhere else just not home.
So maybe someone can brak this down a little bit more for me. I have my ip address that I connect to the VPN with (Sonic Wall VPN Connect) It says it is connected in the status window but if I try and Ping the ip address nothing comes back. Usually once I connect like at a Starbucks etc. Then I use Remote Desktop Connection to log into the server at the office and away I go. Just not at home?
So any clearer instructions on how I adjust the settings would be much appreciated.
02-24-2009 04:33 PM - edited 02-24-2009 04:34 PM
If you log into your router and select the Advanced Icon, there is the Protocol section that should let you set up IPsec under the Basic menu. I found that in the manual and it shows a selection for port 500. If the router is unable to open 500 a key exchange will not happen.
Firewalls and IPSec
If a firewall separates two hosts that use IPSec to secure the communication channel, the firewall must open the following ports:
* TCP port 50 for IPSec Encapsulating Security Protocol (ESP) traffic
* TCP port 51 for IPSec Authentication Header (AH) traffic
* UDP port 500 for Internet Key Exchange (IKE) negotiation traffic
Ok so after 2 hrs with Verizon Customer Service on Saturday its working. The work around is this. We used the DMZ Host on the computers IP Address and that seems to do the trick.
DMZ Host IP Address:
Not sure if this is the best thing but it is working! No off to the virtual office to get some work done. Thanks for all the input. Feel free to keep the comments coming.