• March 18, 2024, 08:32:21 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DFL-260, Unable to SAT the VPN traffic, mismatching_tcp_window_scale  (Read 8844 times)

c0re

  • Level 1 Member
  • *
  • Posts: 1

Hi,

I have the following scenary:
  • ROUTER1 - DFL-260 with static WAN and LAN IP 192.168.1.6
  • ROUTER2 - Mikrotik hAP lite with static WAN (ether1) connected to ROUTER1 LAN and WAN IP 192.168.1.254

And I need access to some Mikrotik services. Like as SSH, Winbox and VPN (PPTP and IPSec)

I configured forwarding some tcp port (like as SSH 22, WinBox 8291, etc) from ROUTER1 to ROUTER2 and it work perfectly
But i need also forward some VPN traffic like PPTP, IPSec
Lets see PPTP

Similarly to port forwarding, on ROUTER1 (DFL) I created a SAT rule for pptp-suite
And similarly created a policy.

But it's not worked
Having a look at the log, i find this:

DateSeverityCategory/IDRule ProtoSrc/DstIfSrc/DstIPSrc/DstPortEvent/ActionNotation
2019-04-04
14:01:14
WarningTCP_OPT
3400019
TCPwan
core
MY_WAN_IP
DFL_WAN_IP
52648
1723
mismatching_tcp_window_scale
adjust
old=2 new=not_used effective=not_used origsent=152 termsent=0 ipdatalen=28 tcphdrlen=28 syn=1
2019-04-04
14:01:05
InfoCONN
600001
Subsidy-Policy-1TCPwan
core
MY_WAN_IP
DFL_WAN_IP
52648
1723
conn_opensatdestrule=pptp2Subsidy conn=open

what is the problem?
when as ROUTER1 was acted D-link DIR-300, it was enough to set up port forwarding tcp 1723 and everything worked.

what am I doing wrong?
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DFL-260, Unable to SAT the VPN traffic, mismatching_tcp_window_scale
« Reply #1 on: April 16, 2019, 11:18:34 AM »


I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this.
Link> Tech Support Contact Information
We find that phone contact has better immediate results over using email.
Let us know how it goes please.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.