Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Citrix Secure Access VPN keeps disconnecting on DSL 1

Status
Not open for further replies.
ict2000

ict2000

Technical User
Apr 6, 2006
26
0
0
AU
Hi,

I have Windows XP SP2, and DSL at home. When I use Internet alone, there is no issue. When I connect to a remote site using Citrix Secure Access VPN, it connects ok. After a couple of minutes (sometimes it varies), VPN loses connection and internet connection also drops off. VPN then reconnects very quickly, same as the Internet. But the problem is all my Citrix client applications hang and take a long time to reconnect.

What do you suggest to do to fix the disconnection problem? Other people connect to the same VPN site without any problem.

Thanks in advance.
 
Sort by date Sort by votes
I used to use Smartpass. I no longer have it on my pc because it is replaced by Citrix now. I already tried uninstalling and reinstalling Citrix Secure
Access when the problem first happened. So far IT have no idea because other people do not have the same problem as myself.

Yes, I agree, it looks like all traffic has been forced onto vpn. Is there any setting locally I can check, or is it a setting on VPN server? Adding a router is the next thing I may try, but I am a bit puzzled that I did not have this kind of problem before. By the way, did try "ipconfig /release" and "ipconfig /renew", but no effect.
 
Upvote 0 Downvote
If you still have dial-up. Use it to dial into internet and then try connecting with client. This should tell you whether or not the client is the issue. Also, have you tried using another computer with client on same connection to see if problem follows. You could try a router in the middle to see if it takes care of the lease problem. Or, If this is yours then read.

g8orade
 
Upvote 0 Downvote
The D-Link support website uses frames and therefore is not linkable. Is this what you were trying to link to?

No Support for IPSec Print
The current version of firmware for the DSL-500 / DSL-504 does not support IPSec in any form at this time. Please go to and occasionally check for the latest firmware. At this time, there is no timeline on when new firmware will become available. The current firmware is version 1.14 and 1.14A. The only difference between the two is that the 1.14A comes up with a default PPPoA screen, not PPPoE. Other than that, they are both the same.

This information is only for the US version of the DSL-500/504. The information in this knowledge base does not apply to the Generation 2 versions.
Click to expand...

Either way, I was surprised to read this. I can't think of any reason a fairly modern DSL modem would not support IPSec passthrough.
 
Upvote 0 Downvote
I guess question is this, is this your modem? And if it is, is it time to buy new. And other question, is the client ipsec or ssl? If you know its ipsec traffic then it may be time to ask the telco for a new modem or purchase one yourself.
 
Upvote 0 Downvote
That is not my modem model.

Before I try a router to give my pc a fixed IP, do you think if my ISP could increase the interval from 1 minute to 1 or 2 hours, or more, that will temporarily fix the problem?

But why are all traffic forced onto VPN? Is there something locally I can check?
 
Upvote 0 Downvote
For what it is worth, the information indicated for the DL-500/504 is listed in the section for the DL-502. I would be concerned about any DL-5xx model.

If your lease time were increased to something reasonable, it would certainly help your problem. I would guess that your ISP also services dialup accounts, which would explain the short DHCP lease. It would benefit their network to give all broadband accounts a longer lease, as it would reduce overhead on their DHCP server and free up a small amount of bandwidth.

Many VPN clients have the ability to force all traffic over the VPN. Usually DHCP traffic is excluded. Most of the VPN clients can operate without forcing all traffic over the VPN, but sometimes it requires a setting change on the server side. I am not familiar with the Citrix client, but it is possible there is a configuration option on the client. Look for something that references the using the default gateway on the host network or similar. Also, you may want to check with the admin of the server.
 
Upvote 0 Downvote
After speaking with my ISP regarding the IP address, I have configured my modem to use NAT. This also changes the lease time from 1 minute to 3 days. Thus the disconnection problem goes away.

Thanks a lot for all your help.
 
Upvote 0 Downvote
Good call mhkwood. You were dead on the money. This is what makes Tek-Tips one of the better forums on the net. You deserve a star.

G8orade
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
305
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Question
Best vpn safe and fast
Replies
4
Views
196
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
169
sircles
sircles
F
  • Question
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
0
Views
1K
FrankSider12
F
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
125
Joon Smith
Joon Smith

Part and Inventory Search

Sponsor

Back
Top