cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2661
Views
5
Helpful
10
Replies

RV016 V2 connection problems - DNS related?

evismwots
Level 1
Level 1

We have an RV016 (hardware version 2, firmware version 3.0.2.01) behind a cable modem.

Attached to this RV016 is a switch to which our other devices are connected. Among those is another switch, a wireless access point and our VOIP phone system.

The issue with this setup seems to be as follows:

The Mac machines at our office seem to be unable to get internet access reliably. What we have observed is that a connection to the wireless access point is made. Google will load fine, then when performing a search it comes back with either a dns lookup error or just says that the site can't be found. Sometimes sites will load just fine, sometimes they don't. Our Windows or Ubuntu machines in our office hardly ever have that issue, but they do on occasion. Essentially internet is usable on Windows and Ubuntu, but not on a newer Mac. Mainly three Macs are affected that run a newer OS. Two other Macs (older OS) seem to be fine. My coworkers (who have that issue at work) report that at home they do not.

The DNS servers on the router were set to our ISPs addresses. I have since changed them to opendns servers. The issue persists.

When connecting a MacBook directly to the cable modem, everything works fine. Since we are using NAT, I do need to use the router. There are devices attached to it that these users need to be able to get to.

When hooking up the wireless access point to the cable modem, service is fine too. It all seems to point to the router. If someone could offer advice that would be great.

Thanks.

10 Replies 10

Te-Kai Liu
Level 7
Level 7

A similar issue was discussed in this thread.

https://supportforums.cisco.com/message/3100024#3100024

The quickest way to work around the issue is to specify a static DNS Server on your Mac, e.g.

  • 208.67.222.222
  • 208.67.220.220

(http://en.wikipedia.org/wiki/OpenDNS)

Thank you for the hint. We lost power here so I will get back to you as soon as I can actually test. I have, however, previously set the DNS servers at the machine-level (on the Macs) without success. Do I need to provide the router as a DNS server there?

It seems like the post you are referring to suggests to assign static IP addresses to the Mac computers. Is that correct?

Thanks.

I did go ahead and set the DNS servers for one of the Macs to the opendns servers. Still no luck. As previously sometimes sites will load and sometimes they just seem to idle forever. While cnn.com loaded fine (albeit slowly), abc.com took several minutes to load and yahoo.com loaded but failed to show css, images and videos.

Any other suggestions?

Thanks.

Could you check if the Mac has any misconfigured search domains next to the DNS Server?

You might need to reboot the Mac to clear its cache.

After reverting back to the normal settings (get DNS servers from the router, still the opendns servers) I see an entry there that matches the domain name as set on the router under network.htm. It is rrcs-xx-xx-xx-xx.central.biz.rr.com, where I blanked out our static IP address.

That seems fine from what I know.

So I have tried to set the DNS servers to OpenDNS right on the Mac, which I had tried before. The search domains listed were apparently still there from the router and listed as rrcs-xx-xx-xx-xx.central.biz.rr.com. This entry came from the domin name on the router's network.htm page.

I tried deleting that domain name and with both approaches see no difference.

Anything else I can try?

Yes, you want to delete the domin name on the router's network.htm page, so Mac will not try to get it into its search domain, which may slow down the name resolution.

After Mac is restarted, could you post its DNS config page?

You could also consider contacting the Small Business Support Center for further troubleshooting the issue. A packet capture on the WAN port will tell why DNS service is slow.

Thanks for the reply. I have attached a screenshot of the DNS config page.

No luck with these settings. I will have a look at wireshark to see what I can produce.

After looking at the firewall log yesterday and finding a bunch of "Connection refused - policy violation" entries, I went ahead and disabled the firewall briefly yesterday. Not only did one Mac user report that he was now able to use the internet, we also noticed an overall speed increase for those who never had that problem.

Our firewall rules are really simple:


Jump to                                                                                       /                      1                     page
entries per page

PriorityEnableActionServiceSource InterfaceSourceDestinationTimeDay
Delete

AllowDNS [53]*AnyAnyAlways Delete

DenySMTP [25]LAN192.168.0.2 ~ 192.168.0.100AnyAlways Delete

AllowSSH [22]*Any192.168.0.245 ~ 192.168.0.247Always Delete

AllowHTTP [80]*Any192.168.0.245 ~ 192.168.0.247Always Delete

AllowHTTPS [443]*Any192.168.0.245 ~ 192.168.0.247Always Delete
AllowAll Traffic [1]LANAnyAnyAlways  
DenyAll Traffic [1]WAN1AnyAnyAlways  
DenyAll Traffic [1]WAN2AnyAnyAlways  
DenyAll Traffic [1]DMZAny192.168.0.0 ~ 192.168.0.255Always  
AllowAll Traffic [1]DMZAnyAnyAlways

At the bottom are the default rules of course. Other than blocking SMTP, we only have allow rules.

Another thing I tried was to turn off stateful packet inspection, denial of service, and WAN request blocking while leaving the firewall on. That did not help.

Does that help in trouble-shooting this?

After some more reading here I noticed that it was recommended to reset to factory defaults after a firmware upgrade. We did a firmware upgrade just recently and today I restored to default settings, then reloaded the settings from our configuration file. The results are the same. I see a plethora of "Connection refused - Policy violation" in the firewall log - often UDP from our DNS server to local machines. Why would DNS lookup be blocked? This seems to affect Macs as well as other machines. I am not sure it is related, but thought I would mention it.

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: