Balance 30 shutting down VPN, disabling external port rules, disallowing ADMIN login, etc


#1

I installed a Balance 30 at our main office about a year ago. About 45 days ago, the Balance would stop responding to external requests (only certain mapped ports) … the IPSec VPN connection to our remote office would disconnect and my remote office Balance router would start screaming at me saying that link has been dropped. The Balance 30 never generated an error message indicating any error with itself (which for WAN connections this is set up correctly).

Additionally, when the Balance 30 stops responding to external requests, it stops responding to LAN requests (i.e., you cannot access the login page and cannot ping it)… we use a lot of remote desktop and VNC tools, we CAN pass through the router to the LAN client using VNC, but only on -some- mapped TCP connections, not all of them.

The only way to correct whatever the issue is with the Balance 30 is to power cycle it. It’s back to normal. It may last six hours, or three days before another issue crops up.

It fails at random times in the evening, sometimes during the day, sometimes at 5am when very little traffic is passing through it.

WAN1 is my primary connection through the cable modem
WAN2 is my always-on backup
WAN3 is a secondary always-on connection through the cable modem, which I installed as an experiment to see if I could access the Balance 30 during one of its ‘fits’

Additionally, I turned on the SSH on port 8822 and tested the username/password of my admin account -before- any errors happened, which worked fine. I was able to reboot the Balance 30 using the SSH server.

When I received the email from my remote router (a Balance 20) yesterday saying the PepVPN had failed, I tried to log in using SSH 8822. The login username/password prompts came up as they did before when I tested it, entered ‘admin’ for my admin account, as usual… BUT, when I put my admin account password in, it would NOT take the password. I threw every password I had at that prompt and it still never logged in. There’s something else weird going on with this router if that is the case, but, if it doesn’t generate some kind of error for me from some kind of self diagnostic, how am I supposed to troubleshoot it? I don’t think it’s a load issue, as the Balance 30 doesn’t fail under huge amounts of traffic, for example, my nightly backup of a 4GB database from the remote office to this one.

I have no aircard in the USB port, I don’t use it.

Under normal circumstances, it’s set-it-and-forget-it, which I have up until a little over a month ago. I have run it up to 90 days straight without a reboot. Before I throw this in the trash and go out and buy a newer Balance box, has anyone had this problem? I’m very concerned that my admin/password in the SSH shell did not work, although once you power cycle the router, it is like nothing ever happened – everything returns to normal.

Help requested. Thank you in advance for anything you can tell me. I’ve been as descriptive as I can be (I hope).

-BT


#2

Hi @Thunderbolt_TBC_Digi,

Thank you for the detailed and thorough explanation of the behavior you are observing. This is unexpected and we would like to investigate, please open a support ticket here to facilitate an investigation at your earliest convenience.

Thank you.


#3

Hey BT …

I see Peplink tech support is already “on it.” Excellent (and expected – this is a responsive manufacturer.)

Thought I might mention: I don’t know how many similar devices you have in service but I can tell you this is an aberration. Respectful advice: Stick with 'em. In our experience (quite a number of Balance and SOHOs in service) the only time one must reboot is during the firmware upgrade process.

There are probably a lot of us who are interested in the outcome of your situation. Please report back after your learn more from Peplink’s involvement!

  • Rick

#4

Thanks, Jeffrey. Ticked sent and attachments uploaded.

BT


#5

Rick,

I have this Balance 30, and two Balance 20s. I love the built-in VPN and the option to do IPSec VPN if I need it. Just a couple things that stand out to me among others. This device was fun to learn when we were installing it, it is a superior product in my opinion, and is the Caddy as far as features go compared to other brands.

Our company does a lot of direct-to-factory business in regards to support for devices and hardware (not mentioning any brands, but AoIP audio codecs, GSM and CDMA services, broadcast automation, and digital streaming). Needless to say, we heavily rely on these routers to ‘make our stuff go’ – in order to sell our digital advertising and make our radio stations stay on the air… not to mention tying our offices together securely.

Just a little background about our business and what we do here with your equipment. This will be my first experience dealing with Peplink tech support staff. Looking forward to a great relationship here with the Peplink team. Thanks to both of you for your responses! I’ve sent in my ticket and router files for inspection.

-BT