We are trying to use a VPN tunnel via cellular uplink to upload video from a car while on the road. When the car enters the station garage the modem prefers/switches to WiFi.
When the VPN tunnel goes down there is a log entry stating that "VPN Tunnel is down - inserting drop rules for 192.168.7.9 ( IP of server)
Is there any way to prevent this behavior?
This is an MP70
Hi btallon,
To narrow down the problem, could you provide:
What carrier are you using?
And what type of VPN are you using, IPsec or OpenVPN?
Thanks,
IPSEC VPN to a Cisco ASA. We did more testing yesterday and I think we are ok now. If we wait 4-5 minutes after the switch from Cellular/VPN to Wifi, the video will eventually load to server. So it seems like the modem injects this drop rule but eventually it is removed/flushed.
I am not sure who the carrier is but I can find out from the onsite admin. We have one more car that we need to setup this way, looking at next week to try it. I will respond back once I know if this is still working.
I appreciate the reply Jerdung,
These are the log entries I see:
Aug 25 17:40:11 notice ALEOS_SECURITY_Firewall: VPN tunnel is up - removing drop rules for 192.168.7.9
Aug 25 17:40:11 notice ALEOS_SECURITY_Firewall: Applying IPv4 firewall configuration
Aug 25 17:40:12 notice ALEOS_SECURITY_Firewall: Successfully applied firewall configuration
Aug 25 18:46:56 notice ALEOS_CONNECTMGMT: *** Network Connection successful. WAN IP [Wi-Fi] : 172.16.2.205
Aug 25 18:46:56 notice ALEOS_CONNECTMGMT: GDNS is restarting dnsmasq
Aug 25 18:46:57 notice ALEOS_SECURITY_Firewall: VPN tunnel is up - removing drop rules for 192.168.7.9
Aug 25 18:46:57 notice ALEOS_SECURITY_Firewall: Applying IPv4 firewall configuration
Aug 25 18:46:57 notice ALEOS_SECURITY_Firewall: Successfully applied firewall configuration
Aug 25 18:46:57 notice ALEOS_LAN: MTU Source Auto - Set DHCP option 26 MTU: 1430
Aug 25 18:46:58 err ALEOS_LAN: MTU Source Auto - Ignore Opt 26 MTU size 1500
Aug 25 18:46:58 notice ALEOS_LAN: Starting dnsmasq
Aug 25 18:47:00 notice ALEOS_LINKMGMT_linkmon: New Link Status - Network Ready - Wi-Fi
Aug 25 18:47:00 warning ALEOS_SERIAL_HMC: not in tcp mode current mode 0
Aug 25 18:47:01 notice ALEOS_SECURITY_Firewall: VPN tunnel is down - inserting drop rules for 192.168.7.9
Aug 25 18:47:01 notice ALEOS_SECURITY_Firewall: Applying IPv4 firewall configuration
Hi btallon,
All I can explain is that when you switch Cellular to Wifi, the WAN interface also switches from Cellular to Wifi. But somehow, the IPsec tunnel was maintained on the previous WAN interface after the switching (4-5mins). Here is the known issue I found in ALEOS release note 4.12:
If you still face this issue, please try to update to the latest firmware and try again.
Note: On ALEOS 4.14, some users in this forum reported that they faced some connectivity issues with Verizon sim. If you use this sim, please update to ALEOS 4.13 via Airvantage.
Thanks,