BSNL FTTH Bharat Fiber Broadband has problems after connecting to VPN

  • Thread starter Thread starter sibidas
  • Start date Start date
  • Replies Replies 69
  • Views Views 41,424
S

sibidas

Messages
10
Location
Kerala
ISP
BSNL FTTH
Hi,

I am facing an issue with my BSNL fiber connection. After connecting to my office VPN, I am not able to access internal or external sites. I am able to ping though. I have also raised concern with BSNL team. my office IT team is telling it is a problem with the router that is shipped with BSNL connection. But I have not gotten any confirmation from bsnl team. They asked for traceroute details, which I provided. Anybody else facing similar issues using vpn through BSNL?
 
Sort by date Sort by votes
i dont use openwrt myself though :D
 
Upvote 0
Hi guys I am facing this issue too. When I am connected to global protect VPN some internal and external websites are not opening. The ont device I am using is of Syrotech. I am able to ping the server but not able to browse.Any help is really appreciated.
 
Last edited:
Upvote 0
I am also facing the same issue. I had just changed from bsnl broadband to fiber one. I have played with different MTU size and it does not work. After taking a tcpdump (Dont know if that is relevent or not :)) could see the following
Code: 
office_vpn.4501 > 192.168.1.102.62986: UDP, bad length 1444 > 1432
. Can someone please let me know if this can cause packet loss or something.
VPN client: global protect, modem: genexis platinum 4410. OS: MacOS 10.15.6
 
Upvote 0
Looks like your MTU is BSNL default/recommended value of 1460, try setting it to 1500 in your ONT and/or router?

Also, if your VPN client has option to reduce packet size, do that as well, set it to 1400 if you can.

I searched google for "tcpdump bad length" and results indicate your MTU is 1460 while it should be at least 1472. Not sure if setting it in ONT and router will help since BSNL seems to have default set to 1460 on their side.
 
Upvote 0
I too have BSNL Fibre broadband. I returned the rented ONT - UTStartCom that was bridged with TP-Link 300 N router and using the Franchise provided one - Genexis Earth 4222. Normal network on both the bands works fine. However, VPN connectivity issues persists, It disconnects every 1 hour MTU size is set to 1432. While pinging to 1.1.1.1 to get the exact MTU, it suggested that as BSNL has default MTU - 1460, using 1432+28 would be optimal. But still facing the issue.

Is it suggested to use Genexis Earth 4222 for VPN or best to bridge the rented modem and use TP-Link Archer C6?
 
Upvote 0
@vishalrao My VPN issue is fixed. The MTU on the ethernet interface need to be 1300 for the global protect vpn client. In my case I set it like this,
Code: 
sudo ifconfig utun2 mtu 1300
. utun2 is the virtual interface that GP client uses. The modem MTU is 1460 and it was working with 1300 aswell.
 
Upvote 0
burrow said:
@vishalrao I am running openwrt on C6. So far what i have did is in the firewall traffic rule, i created a new rule that allows traffic over PORT 7134 from wan to lan. Am i supposed to do anything else here ?.. I am not an expert in networking :-) just a beginner trying out stuffs
View attachment 5028
Click to expand...

(late but maybe useful)
This doesn't work if there is NAT. The sender on the internet sends packets on port 7134 to the public IP visible to him. But the router will have that public IP. The IP of the device behind the router, to which that packet was intended, will be some private IP and not known to the sender. So the router thinks the packets were sent to it (since addressed by public IP) and will drop it (since no app is there to take them).

The way to do this in NAT scenario is to setup "Port Forwards" (it's adjacent to the "Traffic Rules" tab at the top in OpenWrt firewall settings). Give the external port - 7134 - and an internal IP and port of the specific device to forward it to.
 
Upvote 0
You must log in or register to reply here.
Back