The Graveyard - Products No Longer Supported > DGL-4100
Router constantly Blocks ICMP
DAOWAce:
Bit of a necro, but I'm getting this as well on my DGL-4100.
Outbound ICMP packets are being blocked to services I need them not blocked to.
ICMP is allowed and even prioritized over normal network traffic. I've even DMZ'd myself and it's still being blocked. My firewall is set to 'address restricted' for both TCP and UDP connections with SPI enabled. I don't want to risk reducing it.
Edit: Additionally, it's blocking connections from myself to myself on different ports even though the firewall is set to address restricted only. I don't get it.
There's these niggling issues this router seems to have with connection blocking that have been an irritant for the 9 or so years I've used it.. but it's still going strong (with my huge amount of QoS settings stored) so I haven't replaced it yet. Think I might have to finally do that, but I dread the thought.
FurryNutz:
Link>Welcome!
* Link>What Firmware version is currently loaded? Found on the routers web page under status.
* What region are you located?
* Are you wired or wireless connected to the router?
Internet Service Provider and Modem Configurations
* What ISP Service do you have? Cable or DSL?
* What ISP Modem Mfr. and model # do you have?
Router and Wired Configurations
Some things to try: - Log into the routers web page at 192.168.0.1. Use IE, Opera or FF to manage the router. Besure to log into the Admin account on the router.
* Turn off ALL QoS or Disable Traffic Shaping (DIR only) GameFuel (DGL only and if ON.) options, Advanced/QoS or Gamefuel.
* Turn off Advanced DNS Services if you have this option under Setup/Internet/Manual or under Setup/PARENTAL CONTROL/Set to>None: Static IP or Obtain Automatically From ISP.
* Enable or Disable Use Unicasting (compatibility for some ISP DHCP Servers) and test under Setup/Internet/Manual. Disable may help with speed performance on higher speed ISP services.
* Turn on DNS Relay under Setup/Networking. Link>Finding Faster DNS Addresses using Name Bench and input new DNS addresses under Setup/Internet/Manual.
* Setup DHCP reserved IP addresses for all devices ON the router. Setup/Networking. This ensures each devices gets its own IP address when turned on and connected, eliminates IP address conflicts and helps in troubleshooting and maintain consistency for applications that need to connect as well as mapped drives.
* Ensure devices are set to auto obtain an IP address.
* Set Firewall settings to Endpoint Independent for TCP and UDP under Advanced/Firewall. Enable or Disable SPI to test.
* Enable uPnP and Multi-cast Streaming under Advanced/Networking. Disable uPnP for testing Port Forwarding rules.
* WAN Port Speed set to Auto or specific speed? Some newer ISP modems support 1000Mb so manually setting to Gb speeds can be supported by the router. Advanced/Advanced Networking/WAN Port Speed
* Set current Time Zone, Date and Time. Use an NTP Server feature. The DST setting is only needed in the NA region. Tools/Time.
Does the 4100 have WAN Ping Respond? Some users have mentioned using this to help enable some traffic.
What are you using that needs ICMP traffic?
This router is getting to be a bit old and there maybe some network traffic or applications now days that maybe just incompatible with using this model router. The 4100/4500 are now phased out. :(
--- Quote from: DAOWAce on February 24, 2015, 06:27:44 PM ---Bit of a necro, but I'm getting this as well on my DGL-4100.
Outbound ICMP packets are being blocked to services I need them not blocked to.
ICMP is allowed and even prioritized over normal network traffic. I've even DMZ'd myself and it's still being blocked. My firewall is set to 'address restricted' for both TCP and UDP connections with SPI enabled. I don't want to risk reducing it.
Edit: Additionally, it's blocking connections from myself to myself on different ports even though the firewall is set to address restricted only. I don't get it.
There's these niggling issues this router seems to have with connection blocking that have been an irritant for the 9 or so years I've used it.. but it's still going strong (with my huge amount of QoS settings stored) so I haven't replaced it yet. Think I might have to finally do that, but I dread the thought.
--- End quote ---
FurryNutz:
Any status on this? ???
--- Quote from: DAOWAce on February 24, 2015, 06:27:44 PM ---Bit of a necro, but I'm getting this as well on my DGL-4100.
Outbound ICMP packets are being blocked to services I need them not blocked to.
ICMP is allowed and even prioritized over normal network traffic. I've even DMZ'd myself and it's still being blocked. My firewall is set to 'address restricted' for both TCP and UDP connections with SPI enabled. I don't want to risk reducing it.
Edit: Additionally, it's blocking connections from myself to myself on different ports even though the firewall is set to address restricted only. I don't get it.
There's these niggling issues this router seems to have with connection blocking that have been an irritant for the 9 or so years I've used it.. but it's still going strong (with my huge amount of QoS settings stored) so I haven't replaced it yet. Think I might have to finally do that, but I dread the thought.
--- End quote ---
DAOWAce:
Yeah, while typing I went to read my older posts then found out Spock is no longer with us then got further distracted by some drama of personalities I follow. Anyway..
The 4100 has no wireless support, is another feature I like because it's not broadcasting radiation right next to me. I know you can turn wireless off on most routers, but I question just how much EMF it still produces.
Firmware is 1.8 (which I heard was pulled but can't remember why).
Hardware rev: A3
Modem: Arris TM802G
WAN ping respond has always been enabled: I run a line monitoring tool to record the health of my connection.
My issue right now is that I'm trying to troubleshoot a poor performance issue with Skype video calling (one thread here). My connection to people is abysmal despite having a 120/35 service (which the DGL-4100 doesn't support Gigabit WAN on, so I'm limited to 92mbps), video keeps getting limited to 640x360 or even 320x180. Skype seems to constantly send ICMP packets to gauge the connection and my outbound ones are being blocked. This, assumingly, makes Skype think I have a bandwidth problem (latency = bandwidth, right) and drops the quality of my video to unwatchable levels. I've done all I can to troubleshoot the issue on my end on the PCs and the only thing left is looking at the router.
Also, when attempting to test the issue myself via a VM, the router was blocking my connections to myself (WAN IP) on different ports. ex: WAN IP:52386 to WAN IP:80.
And even more aside from that, but not relevant to my current issue, I am always in a 'no incoming connections' state when running bit torrent, despite forwarding all ports properly. It does connect and work well for downloads, but seemingly at a much reduced level at which it should be for uploads.
As I said, I don't want to disable the firewall as even if it works I'd be putting myself at more of a security risk, so I'm hoping there's another solution to the issue. I mean I could try it for troubleshooting reasons I suppose, but it won't be until later tonight.
I see the DGL-5500 has fallen to $80 and has quite poor reviews. I guess I'd be looking at a different brand in present time should I buy a new router.
FurryNutz:
Please give some of the suggestions a try.
Also try putting the PC with SKype in the DMZ and test.
Chaning the Firewall settings wont risk anything and would be only for a quick test to see if anything helps change the behavior. Set the EndPoint Independent as well while the firewall is enabled to see if anything changes.
Also setting up some QoS rule for the Skype PC may help as well, however since your on a ISP service speed thats fairly high, it's possible that the 4100 maybe not able to handle and perform well.
Check the enable WAN Ping Respond feature as well.
Even though I didn't get to experience the 4100, the 4500 was and still is a great router. As for the 5500, it's been disappointing that it's has a hard timeframe in development. It has made good strides in FW and the most current version of FW is the best thus far. Unfortunately the reviews reflect badly which in part isn't due to D-Links fault rather Qualcomm whom owns the StreamBoost core code. They have been less the forth coming in fixing issues there so D-Link has had some struggle in working with Qualcomm. So don't discount D-Link in there efforts in the 5500 development. They have worked hard to get it going right.
You may want to give the 5500 a test drive if you can find one with a return policy. See if maybe it works better for you. Another great router that I enjoy is the DIR-868L. One of D-Links finest routers for the home, video and gaming. I'm on my 2nd one. I gave my first one away as a gift. It maybe time to upgrade the 4100. ::)
--- Quote from: DAOWAce on February 27, 2015, 03:03:39 PM ---Yeah, while typing I went to read my older posts then found out Spock is no longer with us then got further distracted by some drama of personalities I follow. Anyway..
The 4100 has no wireless support, is another feature I like because it's not broadcasting radiation right next to me. I know you can turn wireless off on most routers, but I question just how much EMF it still produces.
Firmware is 1.8 (which I heard was pulled but can't remember why).
Hardware rev: A3
Modem: Arris TM802G
WAN ping respond has always been enabled: I run a line monitoring tool to record the health of my connection.
My issue right now is that I'm trying to troubleshoot a poor performance issue with Skype video calling (one thread here). My connection to people is abysmal despite having a 120/35 service (which the DGL-4100 doesn't support Gigabit WAN on, so I'm limited to 92mbps), video keeps getting limited to 640x360 or even 320x180. Skype seems to constantly send ICMP packets to gauge the connection and my outbound ones are being blocked. This, assumingly, makes Skype think I have a bandwidth problem (latency = bandwidth, right) and drops the quality of my video to unwatchable levels. I've done all I can to troubleshoot the issue on my end on the PCs and the only thing left is looking at the router.
Also, when attempting to test the issue myself via a VM, the router was blocking my connections to myself (WAN IP) on different ports. ex: WAN IP:52386 to WAN IP:80.
And even more aside from that, but not relevant to my current issue, I am always in a 'no incoming connections' state when running bit torrent, despite forwarding all ports properly. It does connect and work well for downloads, but seemingly at a much reduced level at which it should be for uploads.
As I said, I don't want to disable the firewall as even if it works I'd be putting myself at more of a security risk, so I'm hoping there's another solution to the issue. I mean I could try it for troubleshooting reasons I suppose, but it won't be until later tonight.
I see the DGL-5500 has fallen to $80 and has quite poor reviews. I guess I'd be looking at a different brand in present time should I buy a new router.
--- End quote ---
Navigation
[0] Message Index
[#] Next page
Go to full version