cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9067
Views
0
Helpful
33
Replies

RV120W ROUTER/FIREWALL "cannot display the webpage"

jason.mack
Level 1
Level 1

I have a small LAN utilizing a T1 line from One Communications.  Static IP address.

30 workstations.  Windows 2003 DHCP server.

Installed new RV-120W firewall router last week replacing an old Netgear unit.

Setup VPN tunnel on unit, have remote access in for about 10 users.

That part works good.  A tad slow, but acceptable.

My Issue: internet connectivity on internal LAN is in and out.  It is extrememly choppy.

Download and Upload speeds have been consistent (~2.5M/sec)

External Pings show very minimal loss if any.

Users have seem intermitant loss of web streams and corrupt downloads.  90% web activity is ok, but then we keep getting "cannot display webpage error".

NSLOOKUP will show DNS, but occasssionally "TIMEOUT" occurs.

I had provider perform loop-back tests and replace WIC on CISCO T1 1841 Router, but I am still seeing the behavior.

In reading other forms, I am seeing this is a continuous issue with the RV routers.

My settings...

Static IP / DNS on Router.

MTU set back at 1500.  I have adjusted it down incrementally to 1350.

Windows 2003 Server has RV120W address as router / gateway.

T1 to CISCO 1841 ROUTER...  to CISCO RV120W...to LAN via (2) CISCO SLM248G Switches.

I did not setup any port forwards.

I am continuing Line tests on my end, but like I said this issue was not existent with Netgear unit.

Please advise with any setting changes / suggestions.

1 Accepted Solution

Accepted Solutions

Hi Jason et al..

i believe the technician are now aware of a UDP issue on the Rv120W.

The internal discussions on the issue from R&D and development  seems to be;

1.       By default on RV120W there is a UDP Flood attack check which limits 25 UDP Connections Per Client in one instance, i.e at a particular time instance a PC behind this router can establish only 25 UDP Transactions, if we exceed router drops UDP Packets.


2.       We have a script that sends dns lookup queries at a very high rate than the router clears the UDP entries, this way we build up the UDP entry table in the router(i.e 25 entries)


3.       Once 25 limit is reached we are unable to resolve further DNS queries, using the script or using the browser.


4.       In the real world scenarios there might be one PC behind the router and open a website where all the items on the webpage are linked to different website, if you open this kind of website it may have links to more that 25 different website and clog the routers UDP table for that particular PC and user might not be able to resolve further DNS queries and unable to browse any new websites. This unability to browse happens until the UDP entries on the router time outs  and are cleared.


5.       This limit of 25 is because of the feature called Block UDP flood on the router which is enabled by default.


6.       Once we disable the block UDP Flood, router does not check for 25 UDP Connections limit and dns resolution is continuous without a break.

This is what a customers in the field might be seeing interruptions in DNS resolutions and website browse failed.

Some customers explicitly talked about DNS failures.

Jason I can see you have placed a service call, so hopefully CCORAL who posted on the 15 August should be helping you.

So Folks, If the Technician  deem the problem not a hardware issue requiring RMA, the technician will escalate the call to our Level 2 folks in Irvine, probably CCORAL.  You will get assistance to resolve this issue.

The Small Business Support center, should be aware of the problem. Please feel free to show them this posting, i am willing to chat with them to get the ball rolling.

So again, if you have not done so already,  please contact the SBSC  and place a service request and keep a copy of that number they give you as a reference (you may need it). My appologies for the inconvenience you have all had.

regards

Dave Hornstein

Small Business, Channel Systems Engineer

Cisco  - Research Triangle Park.  USA

http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

View solution in original post

33 Replies 33

streaves
Cisco Employee
Cisco Employee

Hello Jason --Thanks for posting in the Support Community.

The RV 120W Engineering Team is reviewing your issue. Would you be kind enough to share your configuration file? This will help us troubleshoot.

Thanks,

Stephanie Reaves

Small Business Technology Group

Just as an FYI, I reviewed my server and router settings last Friday.  I finally factory reset the RV120W and rebuilt my settings late Friday afternoon.

The results have been fairly promising.  I am still vey upset that I have to go through any of this "extra" effort.

This morning was the first test with my LAN at full capacity.  For the most part, I am seeing much better DNS resolution.  However, I still get periodic behavior where the the RV120W appears to block DNS resolution.  I get "cannot be displayed" errors on both main web sites (even google) and on some web content such as ads imbedded in sites.  For the most part though, the connection is much more stable and at least operational.  Emails and Downloads are coming through again without corruption and streaming data is stable.

***CORRECTION - STILL SEEING CORRUPTION AND PACKET LOSS AT PEAK USAGE TIMES*** 8/17/2010

Again, what's strange on my end is I get stable download and upload speeds, pings and latency are all in good range, and I get resolution 95% of the time.  But I am concerned because I am still seeing the odd behavior and DNS blocks.

***DNS TESTS DO SHOW HIGH LATENCY AT PEAK USAGE*** 8/17/2010

NSLOOKUP gives me the same behavior.  Most of the time I see my servers, but every so often it times out.

I have a T1 from One Communications utilizing Verizon infrastructure.  I have been working with them to ensure my connection. Again this issue began after I install the RV120W replacing a Netgear firewall VPN.

I have a Windows 2003 server handling DHCP.  DNS on server.  TCP/IP settings on server have a static IP, and DNS points to server address and alternate ISP DNS address.  DNS has forwarders setup pointing to three DNS address as given to me by my ISP.

If I statically assign IP / Gateway / DNS on a workstation I see same behavior.

What was really strange was the WAP functionally worked perfectly last week.  When Wi-Fi was used on systems I had no DNS or corrupt files last week, or DNS issues.

I will attach the .cfg

Thank you.

Message was edited by: Jason Mack on  8/17/2010

This is exactly what a client is experiencing with the RV120W. It was installed for them a couple of weeks ago, everything worked fine since then until now it is exhibiting these problems. They have no on-site server since they use Microsoft Online Services - BPOS. There is really nothing on their network other than the router, the phone system, a couple of printers, and their computers. Everything is DHCP from the ISP and DHCP on the network provided by the RV120W; its a pretty simple and straight forward setup. A good resolution will be great, this seems like a firmware issue and may need a firmware update.

David Hornstein
Level 7
Level 7

Hi folks,

Stephanie Reaves has mentioned this to the Business unit as she said.  Can you please assist her by opening up a service request (SR) ticket on this issue.

http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

This will increase the visibility of the issue and hopefully get resolution faster.  i know this is annoying for some, but your input will get things done.

These issues , if not configuration based, the issue  should be escalated.  So if the issue isn't resolved to your satisfaction please ask the technician to ecalate the problem.

regards David

I am honestly ready to return the damn thing and go back to a basic Netgear vpn. I can't believe CISCO puts out products like this.

I have spent over 40 hours troubleshooting a product that should take 2 hours to setup.

Try explaining to my 30+ network clients that this "annoyance" should be escalated to "get things done".

This product should not be on the market and labeled for SMALL BUSINESS.

It has affected our network, our emails (especially attachments), and our overall business operation.

My company has installed multiple Networks and VOIP systems.  We are an electrical contractor specializing in Data Communication networks.

And we can't get a simple VPN router to maintain a constant broadband connection.

If I was the only person having such an issue, I would take the blame, but in scanning your boards you have multiple complaints with the unit and with your RV brand of routers.  There are multiple speed and connection issues with these units.

CISCO needs to elevate this problem and take correction action.

I will open up an SR hopefully later today.  Unfortunately I have real business to attend to and can't spend another day troubleshooting your product line.

Yes I am aggravated.

Besides web issues, all users on the client's network have also been experiencing email issues; emails do not get delivered and neither do they bounce back to sender. Microsoft Online Services Exchange Online's Outlook Web Access sign in page won't even open, all these problems due to this product. A reboot last night did nothing to help but as soon as I replaced it with the old reliable Linksys WRT54G all went back to full operation. We are returning this brick back to the store now in less than thirty days of purchase.

I thought Cisco made quality products or is this just relabeling Linksys products, known for sub-par firmware, as Cisco? If that is the case, it will hurt your brand, you better re-code all Linksys firmware, they mostly emit bugs.

jason.mack
Level 1
Level 1

WHAT TYPE OF INTERNET CONNECTION DOES YOUR CLIENT HAVE?

The client has cable internet, not that it has anything to do with the issue here since the Linksys loaner we gave them until we return and replace the faulty equipment works just fine.

velociraptor01
Level 1
Level 1

So its not just me. I put a brand new RV120W in place about a week ago, replacing a linksys, and I am getting 'cannot be displayed' pages frequently. I have tried every combination of DNS setup I can think of, to no improvement. There is definitely an issue here. The linksys was not behaving this way.

_mc

I did the same here with DNS settings.  I have gone into my DNS settings on my server, tried different DNS addresses and Open-DNS sites, and even isolated a few workstations to point to DNS sites instead of my server.

But what I had to remind myself is that my network HAD NONE OF THESE ISSUES before I switched out my Netgear unit.

Originally, I needed a VPN router that would allow more users to remote in.  And I have spent a week pulling my hair out.

The thought has hit me to back charge CISCO with an invoice for all the setup, design, and QA we are doing for them.

I will be calling in my "actually" support ticket later today since I have not received any customized support on these boards besides hearing "we are forwarding to engineering"....

IS THERE ANYONE FROM CISCO ACTIVELY ON THESE BOARDS?
CAN WE GET SOME SUPPORT?

Basically, what I have diagnosed is that when demand peaks, the router for some reason loses DNS translation ability.

I am stable for a while, then it gets worse over the course of the day as my network load increases.

In reading the boards, this issue affects all ISP's - Cable, DSL, and T1 (my connection).

The issue is based on network load / CPU usage.

The issue does not seem to affect VPN usage or WAP (although some posts may indicate otherwise)

The issue is realted to DNS routing though the unit and increases in frequency when network load peaks

While I am "guessing", it certainly looks like the CPU of the unit may not know how to handle a high demand, and that this is certainly a firmware issue.

I have just officially given up. I am arranging return of the RV120W - very disappointed in Cisco in this. I had high hopes given the specs on it.

Looking at putting in a D-Link Xtreme N DIR-855 now.

_mc


jfurg26
Level 1
Level 1

I am having the same problems with this brand new RV120W piece of JUNK.

I see it has been over a week now and Cisco has done nothing. They must have some real losers in the testing department, if they even tested it.

Even the one I took from my client while they use a loaner Linksys wireless router also can't really do WiFi besides the default settings, anytime I configure it with custom SSID and encryption nothing is simply able to connect to it, not a single computer could connect to it even with something as simple as WEP. I tried this all day today, each time having to reset it in order to gain access to it again. Even when computers do connect to it with the default WiFi setting, it takes a while for that to happen even worse when the computers ave just booted up; they are never able to connect to it before they finish booting up like with other WiFi products, its always way later and one has to wait and wait for that to happen. This really is an expensive piece of crap. Considering how expensive Cisco prices this and other products, this is such nonsense at its highest level. I mean why would a WiFi router go for $150? Trust is very hard to attain and Cisco is certainly throwing it all away with such a lousy product. I'm certainly thinking three times before recommending another Cisco Small Business product until I see positive change.

jason.mack
Level 1
Level 1

Support ticket submitted.

30 minutes wasted doing the same testing and changes that have already been done.

I hate giving up, but this is one issue I might have to walk away from.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: