I am having the strangest issue on my network and am hoping anyone could offer insight as to why it is happening?
I have a network of 50+ users with half running XP and half running Windows 7. Soon we will be upgrading all users to Windows 7. During the past month a number of the Windows 7 users have reported intermittent Internet connectivity. I would go to their computer and see that they are getting all the correct IP information from the DHCP server and reboot their network adapter. Usually one reset of the adapter would do, but sometimes had to reset it twice or three times before connectivity would occur.
After a few weeks of this more users would report consistent intermittent connectivity. Just to the Internet, as they were able to reach their folders on our file server and were able to receive e-mails from our e-mail server. I decided to monitor the network traffic on one of the adapters having the issue using Wireshark, and found an ARP request and reply for the gateway IP. I logged into the router and found that the reply given to the Windows 7 machine was incorrect, as the MAC address given to the Windows 7 machine was the WAN1 port of the RV082. The LAN port on the router is 192.168.0.1 and has a MAC of xx-xx-xx-xx-xx-x0. The WAN1 port on the router has a public IP and has a MAC of xx-xx-xx-xx-xx-x1. I checked the arp cache on the Windows 7 computers and confirmed that when they have no internet connectivity the ARP cache reads like this:
192.168.0.1 xx-xx-xx-xx-xx-x1 dynamic
The machine is able to ping every machine on the internal network except for the gateway IP. Also, after updating the cache to map the gateway IP with the LAN port MAC address, using:
the issue was resolved for that Windows 7 machine. However, the issue is ongoing for every Windows 7/Vista machine added to the network. I do not want to update the ARP cache on every Vista/7 machine introduced to the network.
Is there anything that can be causing this issue? We are running firmware 2.0.2.01-tm which was updated from 184.108.40.206-tm just 2 weeks ago.
Well, it's definitely not a router hardware issue as we received a new router RV082, and I reconfigured it from scratch. After switching back the Windows 7 computers' ARP cache it started reverting the gateway IP to the WAN port MAC of the new router. Frustrating.
Possibly a Windows 7 issue as it only appears to rear its head on these machines?
downloaded XArp to see what's going on and the logs detail that it is indeed happening to XP machines, however, the correct port is immediately sending out the correct ARP reply after the WAN port's incorrect reply:
19/07/2012 - 14:03:25 - arp - ChangeFilter: MAC address for IP 192.168.0.1 changed from f0-f7-55-4e-e3-d0 to f0-f7-55-4e-e3-d1 - 0x2 - f0-f7-55-4e-e3-d1 - 00-25-11-1f-8a-7c - reply - f0-f7-55-4e-e3-d1 - 00-25-11-1f-8a-7c - 192.168.0.1 - 192.168.0.109 - in
19/07/2012 - 14:03:25 - arp - ChangeFilter: MAC address for IP 192.168.0.1 changed from f0-f7-55-4e-e3-d1 to f0-f7-55-4e-e3-d0 - 0x2 - f0-f7-55-4e-e3-d0 - 00-25-11-1f-8a-7c - reply - f0-f7-55-4e-e3-d0 - 00-25-11-1f-8a-7c - 192.168.0.1 - 192.168.0.109 - in
So XArp is saying that the source mac for this change is the WAN port of my new router? If this was an ARP attack what would be the benefit of creating a script to change everyone's ARP cache to point the gateway IP to the WAN port of the RV082?? Just as a denial of service? How would I go about flushing this offensive script out?
Is there a way to tell the WAN port of the RV082 to stop responding to such an internal ARP request?
Hello, This article will describe how to configure PPTP VPN on the new
RV340/345 routers from the Small Business series. RV340/345
Configuration The first step is to enable the PPTP Server: Go to VPN ->
PPTP Server Change PPTP Server: from Off to On Selec...
Article ID:5748 Use TheGreenBow VPN Client to Connect with RV34x Series
Router Introduction A Virtual Private Network (VPN) connection allows
users to access, send, and receive data to and from a private network by
means of going through a public or share...
Article ID:5728 Configure a Teleworker VPN Client on the RV34x Series
Router Objective The Teleworker VPN Client feature minimizes the
configuration requirements at remote locations by allowing the device to
work as a Cisco VPN hardware client. When the T...