2

I have a program that prints labels at five remote sites. Two sites, aren't working, but the rest are with an identical (as far as I can tell) setup.

Using Wireshark, I have determined that the handshaking all goes well, but after the "Open Print File Response" the packet that is sent from the server, doesn't reach the client. But I'm a bit at a loss as to where I go from here.

I know the port the packet was sent on (445) isn't being blocked, the RST packet gets sent on the same port and that gets there fine.

It's also weird that the three out of five sites are working fine.

This has been up and running for years without issue, all that we have changed is our connectivity (from DSL to bonded DSL). But this traffic is over a VPN - so it can't be the ISP interfering either can it?

I'm totally stuck, and any help would be much appreciated. Thanks!

CYMR0
  • 145
  • 1
  • 7
  • I would be tempted to look at MTUs maybe. Could be that the new DSL link changed things a bit. Are you sure that ICMP is permitted through any firewalls so PMTU discover is able to work? – Zoredache Dec 11 '12 at 21:31
  • I think I love you!! Please can you answer this question, so I can mark it as an answer. I had already changed the MTUs but, your comment got me thinking about ICMP. I had the IMCP blocked from the internet on the Draytek - but it's not directly facing the internet anymore, so it was blocking internal ICMP. Thanks! – CYMR0 Dec 11 '12 at 21:49

1 Answers1

3

When a VPN has odd issues across a network link one thing I will commonly check is the blocking of ICMP. This breaks Path MTU discovery. Since many VPNs are basically encapsulating other packets, they are a bit larger then the original packet. If the VPN cannot detect the correct MTU, then larger packets will often just get dropped. It all depends on the the particular VPN client though.

The solution is either set a smaller MTU on your VPN, or adjust any firewalls so ICMP doesn't get blocked.

As a rule ICMP should generally not be blocked at all. Blocking ICMP tends to silently result in several things being somewhat broken.

Zoredache
  • 128,755
  • 40
  • 271
  • 413