D-Link Forums


Title: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: emod on June 22, 2009, 10:30:11 PM
I'm a bit new to this terminology but I'll try to explain what's happening. Just set this router up...quick...easy...I'm very pleased.  Everything has worked smoothly EXCEPT, of course, my mmorpg game (FFXI).  I've made sure I have the proper ports forwarded, have tried going into DMZ, nothing seems to improve my inability to connect to the server.  Seems like a lot of talk about this very issue online, but no solutions.  From my log, after attempting to connect and getting timed out, I see:
Blocked incoming UDP packet from 75.47.120.146:22867 to 199.6.48.229:6452
Blocked incoming TCP packet from 202.67.56.131:51241 to 199.6.48.229:17271
Blocked outgoing TCP packet from 192.168.0.198:17271 to 202.67.56.131:51241

I'm sure that there is a way to allow this? and therefore get me logged into the ffxi server? This is probably easy and I'm just not getting it.

Called tech support earlier, dlink tech support and ffxi support...was like running in circles while having teeth pulled.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 09, 2009, 11:52:01 PM
Any luck with this? I have the same problem, seems everything is working but I get dropped connections every once in a while and I have page after page of this same kind of error. Have you figured it out yet?

Blocked incoming TCP packet from 96.17.109.113:80 to 24.18.171.203:51398 as FIN:ACK received but there is no active connection

Blocked outgoing TCP packet from 192.168.0.246:51398 to 96.17.109.113:80 as RST:ACK received but there is no active connection
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Fatman on July 10, 2009, 09:57:14 AM
Your problems are not the same, his are straight drops and you are getting SPI drops.

The straight drops happen because there is no rule allowing that traffic; DMZ should resolve that. I hate to say this but this kind of problem is best looked at by TS, because at least then we can have you tweak a dozen different things and it won't take months.
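
An added example, not part of the original thread or of D-Link's software: a small Python parser that separates the two kinds of log entry distinguished in the post above, plain drops with no matching rule and SPI drops ("... received but there is no active connection"). The sample lines are copied from the posts in this thread; the regular expression assumes the DIR-825 log format exactly as quoted here, and the labels `no_rule` and `spi_no_state` are names chosen for this example.

```python
import re
from collections import Counter

# Log lines as quoted in this thread's posts (format assumed from those quotes only).
SAMPLE_LOG = """\
Blocked incoming UDP packet from 75.47.120.146:22867 to 199.6.48.229:6452
Blocked incoming TCP packet from 202.67.56.131:51241 to 199.6.48.229:17271
Blocked outgoing TCP packet from 192.168.0.198:17271 to 202.67.56.131:51241
Blocked incoming TCP packet from 96.17.109.113:80 to 24.18.171.203:51398 as FIN:ACK received but there is no active connection
Blocked outgoing TCP packet from 192.168.0.246:51398 to 96.17.109.113:80 as RST:ACK received but there is no active connection
"""

LINE_RE = re.compile(
    r"^Blocked (?P<dir>incoming|outgoing) (?P<proto>TCP|UDP) packet "
    r"from (?P<src>[\d.]+):(?P<sport>\d+) to (?P<dst>[\d.]+):(?P<dport>\d+)"
    r"(?: as (?P<flags>[A-Z:]+) received but there is no active connection)?$"
)

def classify(line):
    """Parse one log line into a dict, or return None if it is not a 'Blocked' entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    # A flags suffix means the stateful inspection (SPI) engine saw a TCP
    # segment for a connection it is not tracking; without the suffix the
    # packet simply matched no rule that allows it.
    rec["kind"] = "spi_no_state" if rec["flags"] else "no_rule"
    return rec

def summarize(text):
    """Return (records, counts) where counts is keyed by (kind, direction, protocol)."""
    records = [r for r in map(classify, text.splitlines()) if r]
    counts = Counter((r["kind"], r["dir"], r["proto"]) for r in records)
    return records, counts

if __name__ == "__main__":
    records, counts = summarize(SAMPLE_LOG)
    for (kind, direction, proto), n in sorted(counts.items()):
        print(f"{kind:13} {direction:8} {proto}  x{n}")
```
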
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 10:07:56 AM
TS, surely you jest? I tried that route yesterday and wow. I have had less painful experiences with the dentist. It seems the only way to get semi-decent TS with D-Link is if you pay the $32 for the Advanced Tech Support. My unit is only 3 weeks old, I have had to remove SPI, used DMZ to get my VoIP router to be able to fax, and I have had to reserve IP addresses for everything in the house. So far this is the only way to get things to work with this router. What is the use of a semi high end router if it's going to have to be set up like a cheapo $49 router? I have the latest firmware and from what I am reading around here and other forums, that might be the cause of all my problems.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Fatman on July 10, 2009, 10:13:18 AM
If you are not going to read my posts I won't bother to write them.  I never suggested you call TS.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 10:18:31 AM
Ahhh, FatMan you suggested that I call TS.

"I hate to say this but this kind of problem is best looked at by TS, because at least then we can have you tweak a dozen different things and it won't take months"
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Lycan on July 10, 2009, 10:19:21 AM
Does the FAX work if the router isn't in play?

As for the FFXI game, you shouldn't need to forward ports. Does that machine that you're trying to play from run an Antivirus program?
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 10:31:23 AM
Yes the fax machine works fine when the Vonage router is hooked straight to my Cable Modem.

"As for the FFXI game, you shouldn't need to forward ports. Does that machine that you're trying to play from run an Antivirus program?"

I don't know about FFXI, I don't normally play games on my computer. Sorry
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Lycan on July 10, 2009, 10:33:32 AM
LOL.
For the Vonage router, how are you connecting it to the 825?
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 10:42:14 AM
Straight into one of the 4 Ethernet ports on the 825, then the 825 goes into my cable modem.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Lycan on July 10, 2009, 10:45:41 AM
I understand it's connected to the LAN of the 825, but where on the Vonage router?
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 11:03:36 AM
It goes from the internet jack on the router to one of the 4 Ethernet ports on the D-Link router.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Fatman on July 10, 2009, 11:34:32 AM
Had you read the sentence above, you would have seen I suggested the OP do that; only the first sentence was for you. It said this is a different problem.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 11:41:59 AM
I see, but no normal person unless they work for D-Link would suggest they call TS. I have had 3 instances where I have called D-Link TS and all 3 have ended in more gray hair and a larger ulcer. They are truly the "Prompt" reading experts. The TS person was asking me what kind of router I had after I had told him twice. TS was worthless and I was hoping to get some answers from these forums and so far it has been very helpful. I do appreciate all the help that is given in forums. Thanks
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Fatman on July 10, 2009, 12:56:39 PM
I am surprised you got TS long enough to get grey hairs, it sounds like you are double NAT'ed, they shouldn't even try to support a double NAT'ed setup.

This is what Lycan was troubleshooting towards.  He was also getting your issue confused with the OPs, hence the gaming questions.

To skip to the end of this conversation, why do you have a WBR-1310 and a Vonage router?

If it is just so you can get wireless you should use the Vonage router as your NAT device and turn off DHCP on the WBR-1310 (I assume we are still working on a WBR-1310), and set the LAN IP of the WBR-1310 to be a valid address on the LAN of the Vonage router, yet outside its DHCP scope.  Once you have all that done (not before), you can connect them LAN to LAN and have wireless and no double NAT'ing issue.

If any of that doesn't make sense tell me what you don't get so I can point you in the right direction.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 01:15:08 PM
FatMan once again I am confused. I think we might be mixing two posts and twisting our equipment. Let me explain my setup and see if we can figure something out:

Comcast 20+ Mbps internet account
Motorola DOCSIS 3 Surfboard modem
D-Link DIR-825 wireless router

To this I have 2 Linksys VoIP Vonage routers hooked up with DHCP/Wireless and other features turned off. These are basically phone modems. It is not assigning or allowing any computers to go online.

On the other 2 ports of the DIR-825 I have my Xbox and my laptop. That is it.

I am not using the Linksys VoIP routers because they are not Gigabit and they don't offer Wireless N capabilities. My laptop is Gigabit and so is the cable modem. I have run Cat6 wire and connectors throughout the house. This is how I was told to set it up by the Advanced (Paid) technical support from Linksys.

My biggest concern right now is this message on the log file:

Blocked outgoing TCP packet from 192.168.0.251:49913 to 74.125.53.121:80 as FIN:ACK received but there is no active connection

The first IP address is the address of my laptop. The rest I don't know.

I ran a spybot check, a virus check and even turned anything in the house that might have wireless internet off. iPhones, Wii, Roku Media Player. Could I have a virus I don't know of and it's trying to send information out of my laptop? I get the same kind of message but with outgoing changed to incoming.

Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Fatman on July 10, 2009, 01:31:52 PM
You are right, I had a crossed wire, I was confusing which earlier thread this thread had been hijacked from.  I am straightened out now.

That message means the packet has been dropped by SPI (SPI is not the only SPI setting; endpoint filtering plays in here too, in a not terribly well-defined way).  Period.

Also, I realize it doesn't matter at this point but even if your modem is gigabit (I haven't seen one personally but hey anything is possible), your WAN pipe is not (20+ is way less than 100, and not on the same scale as 1000) and having gigabit on your modem is not a benefit in the slightest.

Regardless of where on your LAN the DIR is, its LAN ports are gigabit; however, even that is a non-issue in your environment because you only have 1 gigabit device. You are therefore getting zero benefit from gigabit.  If you paid someone for that network layout and your criteria was making use of gigabit then you could have burned the money and at least gotten a little heat out of it; as such even that was lost.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 01:48:39 PM
I might be completely wrong here but here is my reason for having the gigabit modem. I have a gigabit computer, a gigabit router and now a gigabit modem. So the time that it takes my computer to get to the modem has been decreased and when downloading a file the cyber waterhose is now a fireman's hose. So files get back to my computer faster. Now why would you say that the WAN pipe is not gigabit? What do you consider the WAN pipe? I do plan on getting a gigabit NAS device in the near future which is another reason for the Gigabit.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: cessna1466u on July 10, 2009, 02:03:08 PM
One note on this blocking of incoming TCP packets:

I checked all the items in my house that have used the internet: Wii, iPhone etc., and none of them have that MAC address that is showing up on there. Does this mean that someone outside of my network is trying to penetrate my firewall and the fact that it's blocking it, it means that the firewall is working right?
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: Fatman on July 10, 2009, 02:13:28 PM
I mean that the additional capacity of gigabit is unused for WAN traffic.

If you have 20Mbps coming down, that will not saturate a 100Mbps pipe, so a 1000Mbps pipe is no benefit over a 100Mbps pipe.

Now if you had that gigabit storage device we are finally talking about adding capability, as long as the PC and the network storage device are both connected to a gigabit switch (the LAN of the DIR is one) then you could (potentially) see benefit.

Then you get to ask yourself if your single PC's file requests can saturate the network storage device's capability to fulfil them and if so what is your total potential throughput.  In my experience with home class storage devices (in as simple a network as you have explained to me) that saturated best case throughput is still less than 100Mbps.

As such even with that additional equipment (which would require some moving things around in your current network) it is questionable if gigabit will be a boon to you.

Since when do we have a MAC address involved?  Where are we seeing this MAC, in what context?  PM me the MAC so I can take a look at it, it might tell me more than it tells you.
Title: Re: DIR 825 blocking incoming/outgoing TCP/UDP packet
Post by: emod on February 08, 2010, 12:45:35 PM
Very sorry for not following up on my own thread.
The one and only solution that worked for my ffxi connection problem, after climbing the tech support ladder to level3? higher? was....

They had me change my router address to 192.168.10.1
That solved all the problems but they/me tried everything else to get it to work.