I asked this question awhile ago, and didn't get any response, so I'll try again. Occassionally (maybe 1 per hour) one of our clients' connections through Wingate 5.2.2 gets "blocked"...no throughput. It is most noticeable when the client is playing an on-line game...the connection goes linkdead...no connection.
We only have about 20 users using the NAT, and only about 10 of those are on simultaneously. Could Wingate actually be blocking a connection randomly? Is there anything that can be "tweaked" to deal with it?
Any help is very much appreciated.
Rob
Connections randomly "blocked"
Moderator: Qbik Staff
13 posts
• Page 1 of 1
Connections randomly "blocked"
by mfia » Jan 30 04 11:05 am
- mfia
- Posts: 10
- Joined: Jan 23 04 12:01 pm
Re: Connections randomly "blocked"
by Pascal » Feb 03 04 7:51 am
mfia wrote:I asked this question awhile ago, and didn't get any response, so I'll try again. Occassionally (maybe 1 per hour) one of our clients' connections through Wingate 5.2.2 gets "blocked"...no throughput. It is most noticeable when the client is playing an on-line game...the connection goes linkdead...no connection.
We only have about 20 users using the NAT, and only about 10 of those are on simultaneously. Could Wingate actually be blocking a connection randomly? Is there anything that can be "tweaked" to deal with it?
Is it the physical connection going down, or can the one client simply not connect ? At the time the problem occurs, can you still access the internet normally from other locations ?
Last question - how many (roughly) sessions are open at the time if you look through GateKeeper ?
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by mfia » Feb 04 04 5:31 am
Pascal,
Thank you so much for responding!
It is that single physical connection that goes down...that one client loses connection. All other stations can access the internet normally from the other locations. As an example, there may be four machines playing an on-line game at the same time, but only one machine loses the connection and goes linkdead. Also, it is not always the same machine...it happens to all of them now and then, although at different times.
There are roughly 6 or 7 other sessions open at the time in Gatekeeper. We have a total of 24 machines using Wingate, but not all are accessing at any one time.
Thanks for your help :)
Rob
Thank you so much for responding!
Is it the physical connection going down, or can the one client simply not connect ? At the time the problem occurs, can you still access the internet normally from other locations ?
It is that single physical connection that goes down...that one client loses connection. All other stations can access the internet normally from the other locations. As an example, there may be four machines playing an on-line game at the same time, but only one machine loses the connection and goes linkdead. Also, it is not always the same machine...it happens to all of them now and then, although at different times.
Last question - how many (roughly) sessions are open at the time if you look through GateKeeper ?
There are roughly 6 or 7 other sessions open at the time in Gatekeeper. We have a total of 24 machines using Wingate, but not all are accessing at any one time.
Thanks for your help :)
Rob
- mfia
- Posts: 10
- Joined: Jan 23 04 12:01 pm
by Pascal » Feb 04 04 7:07 am
Few more questions, to try and narrow it down to a specific area in WinGate or otherwise.
Does the online game use DirectPlay (Like AOE, or similar) or a custom protocol like WC3 ?
What do you have to do to restore connectivity to the client machine ? Is a reboot required, or can you simply reconnect the game ?
Does the online game use DirectPlay (Like AOE, or similar) or a custom protocol like WC3 ?
What do you have to do to restore connectivity to the client machine ? Is a reboot required, or can you simply reconnect the game ?
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by mfia » Feb 04 04 7:37 am
Does the online game use DirectPlay (Like AOE, or similar) or a custom protocol like WC3 ?
The online game, Everquest, uses DirectX 9, if that helps.
What do you have to do to restore connectivity to the client machine ? Is a reboot required, or can you simply reconnect the game ?
We can just simply reconnect the game.
Thanks!
- mfia
- Posts: 10
- Joined: Jan 23 04 12:01 pm
by Pascal » Feb 04 04 7:44 am
mfia wrote:Does the online game use DirectPlay (Like AOE, or similar) or a custom protocol like WC3 ?
The online game, Everquest, uses DirectX 9, if that helps.What do you have to do to restore connectivity to the client machine ? Is a reboot required, or can you simply reconnect the game ?
We can just simply reconnect the game.
Thanks!
Do me a favour, please. Enable full logging on ENS (Including debug) and let it run the next time you're playing. When the client disconnects, make a note of the time on the server (If possible) so we can cross reference to a point in the log file. We should be able to see a session termination code then, which will give us an idea of why it closed.
Thanks,
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by Pascal » Feb 05 04 11:36 am
mfia wrote:Pascal,
I just emailed a log to you with a game client disconnect...please let me know what you think.
Thanks!
Rob
Curious. I can't see the client in the log file. Searching through it, the only entries for that client IP is authorisation failures for port 137. Ah... just got your email ...
Right, the only thing that I'd pick out of there is the rather large number of authorisation failures for UDP inbound responses to what seems to be the EverQuest games.
Do you know the port numbers and protocols that EverQuest uses ?
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by mfia » Feb 05 04 11:54 am
Pascal,
Everquest has the following page with those details...
http://eqlive.station.sony.com/support/tech_support/ts_network_support_firewall_proxy_info.jsp
Rob
Everquest has the following page with those details...
http://eqlive.station.sony.com/support/tech_support/ts_network_support_firewall_proxy_info.jsp
Rob
- mfia
- Posts: 10
- Joined: Jan 23 04 12:01 pm
by Pascal » Feb 05 04 12:30 pm
Alright, here is your problem.
"EverQuest client:
UDP datagrams are sent to/from the player's PC (using ports numbered >1023) from/to the EverQuest servers (using ports numbered >1023). Additionally, ICMP Unreachables (ICMP type 3) are sent to/from the player's PC from/to the EverQuest servers."
"These settings should only be applied if you are currently having issues with your software firewall program in connecting to your EverQuest server, or you are able to connect to your EverQuest server and are experiencing random disconnects while in game."
The UDP responses are being blocked because of what looks to be an authorisation failure. Is there a corresponding SysLog message that indicates that a specific user (Guest?) failed authentication ?
If that is the case, it is most likely a policy - you can check your System / NAT policies and ensure that the blocked user has rights. You might need to open the ports as well (Or at least create Port Security Actions for them with a fairly long timeout)
"EverQuest client:
UDP datagrams are sent to/from the player's PC (using ports numbered >1023) from/to the EverQuest servers (using ports numbered >1023). Additionally, ICMP Unreachables (ICMP type 3) are sent to/from the player's PC from/to the EverQuest servers."
"These settings should only be applied if you are currently having issues with your software firewall program in connecting to your EverQuest server, or you are able to connect to your EverQuest server and are experiencing random disconnects while in game."
The UDP responses are being blocked because of what looks to be an authorisation failure. Is there a corresponding SysLog message that indicates that a specific user (Guest?) failed authentication ?
If that is the case, it is most likely a policy - you can check your System / NAT policies and ensure that the blocked user has rights. You might need to open the ports as well (Or at least create Port Security Actions for them with a fairly long timeout)
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by mfia » Feb 06 04 6:08 am
Thanks Pascal,
We are using the Standard version, not the Pro version, so I don't see actual users..just the guest. My System log file is huge, and I can't open it to see if guest was being blocked...however I have no restrictions on the user "guest".
I guess I'll look into the port issue...the firewall hasn't been showing any blockages, plus I get the same performance if I all out turn off the firewall.
Rob
We are using the Standard version, not the Pro version, so I don't see actual users..just the guest. My System log file is huge, and I can't open it to see if guest was being blocked...however I have no restrictions on the user "guest".
I guess I'll look into the port issue...the firewall hasn't been showing any blockages, plus I get the same performance if I all out turn off the firewall.
Rob
- mfia
- Posts: 10
- Joined: Jan 23 04 12:01 pm
13 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 12 guests