Community Forum

Dropping VPN every hour (Net Neutrality?)

Highlighted
Frequent Visitor

Dropping VPN every hour (Net Neutrality?)

I'm the head of the IT department for a small pharmaceutical logistics company. We have a number of Avaya VPN phones deployed to multiple employees. About 4-5 weeks ago, around the beginning of August all the phones who had Comcast as their ISP would drop their VPN connection every hour and at the top of the hour. So literally at 1:59:45PM, the conection would drop and the phone would reboot as a result which would then again drop at 2:59:45PM. We have other users that have other ISP's and this would not happen to those users. The non Comcast users have sessions going on multiple days without a disconnect. I contacted Comcast support but they are giving the usuall SOP of refreshing my modem, verifying the signal and now want to to send a tech. If I try to explain its not my modem, the support tech tells me its the VPN provider. I have proof its not. I am a Comcast user located in Illinois and I have another Comcast user located in New Jersey with precisely the same results. I'm trying to get a hold of a higher level support to explain what is happening or get some resolution to the issue. This was not a problem before August and we did not do any configuration change to our VPN. I should add, the main office VPN uses Comcast Enterprise class fiber, so Comcast Home users are the only ones having issues staying connected to Comcast Enterprise. Is Comcast Home network configured to drop these types of connections, how do we get ourselves whitelisted. Its a major problem.  I have posted 2 images that show the VPN monitoring logs on the Cisco ASA. User 5882 (me) and phone3108 are Comcast users, one in Illinois, the other in New Jersey. The login time and duration is only 15 seconds apart. The other images shows each user creating new sessions, again about 15 seconds apart and at the top of the hour. The ASA didn't get a disconnect which created duplicate sessions (which will timeout). Last you can see 2 other users with 3 and 5 day long sessions. Please fix this without giving me the usual "lets send a tech out" answer.

Tags (4)
VPN1.png
VPN2.png
Regular Visitor

Re: Dropping VPN every hour (Net Neutrality?)

I work at a large financial services company, and we are having this very same problem, for the past 3 or 4 weeks on Avaya VPN phones, but also on Windows clients.. People are experiencing disconnects at 59 minutes past the hour at random times during the day. Unfortunately the VPN software is not detecting this as an actual disconnect, and still thinks that it is connected, so from the user point of view, everything just stops working until they manually decide to disconnect and reconnect.
Expert

Re: Dropping VPN every hour (Net Neutrality?)

You'll probably have better luck posting this in the Comcast Business Forums


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

Its not Comcast Business, its the Home service. As I mentioned in my original post, our main office runs Comcast Enterprise services (fiber) and non-Comcast end users are not experiencing this. Only Comcast Home users are getting the disconnect. 

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

Any update on this? Myself and other Co-Workers using Comcast are experiencing the same problem. Yesterday was the first time I had this happen while I was in the middle of the call. Previous to that it would only happen when my Avaya VPN phone was idle.

 

Symptoms I have:

0:59 - loses dial tone and says "Connecting..."

0:04 - VPN phone reboots

 

Initially this would happen every hour if I wasn't on a call. If i was on a call, it wouldn't happen.

After about a week or two, it was random instead of hourly.

 

I have been using the Avaya VPN Phone for a few years w/ Comcast w/o no issues until this started happening at the beginning of August. I have verified w/ my Networks team no changes have been made to the telecom systems or VPN and they have also verified this is only happening to Comcast Home customers.

Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

Add another to the list, this is the same behavior I am seeing with my Avaya phone.  I am not seeing the same behavior with my work laptop, my VPN connection for my laptop seems to stay connected throughout the day.

 

Occasionally, my phone will survive the crossover to a new hour, but if I am not on the phone, it almost always disconnects just before the top of the hour.  I have many meetings that start on the hour and it is extremely painful to take the phone off hook to discover that it is disconnected and will need to reboot in order to reconnect.

 

I'm glad to see this thread, there is a clear pattern here with Comcast Home Users and Avaya phones, it's not just me or my specific connection.

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

Add another - this has been happening for some time now to multiple users within the organization I am part of.  This occurs with Cisco VPN users, we do not have the Avaya VPN Phones.  Has anyone been able to get additional information on a cause or a fix yet?

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

The small healthcare company is having the same problem. One of our users got a new cable modem and the problem went away. Has anyone tried getting a new modem to fix the problem?

Expert

Re: Dropping VPN every hour (Net Neutrality?)

I'm going to try referring this possible pattern /  topic to the resident Experts here who can then escalate your issue to the Comcast corporate employees that are available to these boards. 



I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

RandomAmerican has a point, one that had occured to me.  I am wondering if there was a firmware update or something similar that happened to my cable modem that triggered this issue.  From what I can tell, there's no way for me to see when the firmware in the modem might have been updated.

 

FWIW, I have an Arris TG1682G telephony modem with the following software.  Perhaps others have a similar configuration?

eMTA & DOCSIS Software Version:10.1.27B.SIP.PC20.CT

Software Image Name:TG1682_3.1p5s1_PROD_sey

Advanced Services:TG1682G

Packet Cable:2.0

 

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

We have plenty of information to pass along to them. Multiple users reporting the issue every day and times are very consistent. A number of us have opened a ticket with them and we may have identified a point of escalation. Will share an update if I get one.
Regular Visitor

Re: Dropping VPN every hour (Net Neutrality?)

I too work for a company supporting our Avaya telephones and ALL of our VPN users with Xfinity/Comcast are having the exact same issue.  Those with AT&T, Google or any othe ISP are NOT experiencing this issue.

 

I have one person whose phone was rebooting every hour on the hour at :59. My home VPN phone has been rebooting every 2 hours on the 59.

 

Xfinity/Comcast what has changed?

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@vpaul1979 wrote:

Its not Comcast Business, its the Home service. As I mentioned in my original post, our main office runs Comcast Enterprise services (fiber) and non-Comcast end users are not experiencing this. Only Comcast Home users are getting the disconnect. 


This is a peer-to-peer customer support forum for Residential Services, and you won't find many users of business services here.  Had you posted this question on the Business Forums,  a more experienced user or Business Class Specialist would probably have spotted the problem early on. 

 

I haven't closed or moved this thread for being Off Topic to the Home Network subforum to allow feedback from other users to be posted, as there appears to be genuine interest in the matter. 

 

 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

This is a home user issue and asking home user support is, IMO, the correct course of action. 

 

I can find no such threads in the Business forums.  As we are not a Business customer, I'm not entirely certain asking there will be appropriate however I will try. It also doesn't appear the link I found for the Busines side is active. The newest message seemed to be from 2016.  Can you send us a link to the correct one? 

 

Thank You 

(signed) a telecom manager with 200 frustrated work at home agents

 

 

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@bsavery247 wrote:

This is a home user issue and asking home user support is, IMO, the correct course of action. 

 

I can find no such threads in the Business forums.  As we are not a Business customer, I'm not entirely certain asking there will be appropriate however I will try. It also doesn't appear the link I found for the Busines side is active. The newest message seemed to be from 2016.  Can you send us a link to the correct one? 

 

Thank You 

(signed) a telecom manager with 200 frustrated work at home agents

 

 


If you're using a VPN phone system, even on a residential account, please note that Comcast doesn't provide support for VPN connections, and any VPNs on residential networks are to be for personal, non-commercial use only

 

I'm not trying to play enforcer here, I'm just pointing out that you're more likely to get help over there than here, as there are a lot more business class savvy users over there. 

 

I posted the link to the Business Forums upthread, but I'll link you to it again.

 

Personally, if I were troubleshooting this issue, I would've first attempted to rule out the Comcast gateways as the source, by asking the affected people if they were using their own modems/routers, as opposed to the leased gateways. 

 

 

 

 

 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Re: Dropping VPN every hour (Net Neutrality?)

We've now had two users get new modems, 1 user do a modem reboot, and 1 user get a firmware upgrade rollback, and they are now all working. 

 

Not sure what happened, but maybe Comcast did a firmware rollout last month on the residential cable modems? Is there someone from Comcast management or support who can let us know if a firmware update went out in the last few weeks to residential modems?

 

Thanks. 

Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

All my users are using leased modems from Comcast. I posted it in the Home forum because it pertains to the business unit I am receiving service from. Comcast Home, Business and Enterprise operate as separate entities and thus only support their own services. We had a Comcast Business technician visit our office where we had our fiber line installed which, is an Enterprise service and thus he would not touch it. 

 

However, per the Acceptable Use Policy for XFINITY Internet

NETWORK AND USAGE RESTRICTIONS

  • use the Service for any purpose other than personal and non-commercial residential use (except for your individual use for telecommuting);

VPN connections from homes to offices is telecommuting and acceptable use for home services.

Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

I should add, we've reached out to the Comcast Enterprise about this issue. We pay a fortune for fiber services and we figured they can make mountains move to provide the best in class service. So far all they've wanted to do is inspect their own service and equipment, even though we've shown them other non-Comcast Home users can maintain an active VPN connection indicating their equipment and service is just fine. They have not indicated they've communicated or coordinated with the Home service teams.

Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

As I suspected.... since I am not a Business Customer, I can't even post in the Business Forums, much less ask for assistance from that group. 

 

 

Expert

Re: Dropping VPN every hour (Net Neutrality?)

This is not a net neutrality issue. But it does look like something that Comcast's engineers need to take a look at. 

 

I've asked a Comcast employee to help. You should expect a reply in this thread. 




I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Dropping VPN every hour (Net Neutrality?)


@Nerdburg wrote:

This is not a net neutrality issue.


You can't know this.  Most of the staff at Comcast wouldn't even know this.  This could very likely be a case where Comcast decided to drop VPN traffic every hour to discourage constant connections which is something that wouldn't be allowed under net neutrality. 

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@GregMo72 wrote:

@Nerdburg wrote:

This is not a net neutrality issue.


You can't know this.  Most of the staff at Comcast wouldn't even know this.  This could very likely be a case where Comcast decided to drop VPN traffic every hour to discourage constant connections which is something that wouldn't be allowed under net neutrality. 


Huh? That doesn't make sense. A cable modem by its very nature is an always on internet connection. 

Besides, a violation of net neutrality would only be occuring if Comcast were offering its own VPN service, and thus throttling its competition to promote its own, like what happened with Netflix in 2013 prior to the peer hosting deal they made. That's absolutely not the case here. 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Expert

Re: Dropping VPN every hour (Net Neutrality?)


@vpaul1979 wrote:

All my users are using leased modems from Comcast.


And all of them have the issue. Interesting. 

 

@RandomAmerican wrote:

We've now had two users get new modems, 1 user do a modem reboot, and 1 user get a firmware upgrade rollback, and they are now all working. 

 

Not sure what happened, but maybe Comcast did a firmware rollout last month on the residential cable modems? Is there someone from Comcast management or support who can let us know if a firmware update went out in the last few weeks to residential modems?

 

Thanks. 


 Given what I just found out above, what devices did the users who got their issues fixed have before and what do they have now?  


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Expert

Re: Dropping VPN every hour (Net Neutrality?)


@GregMo72 wrote:

@Nerdburg wrote:

This is not a net neutrality issue.


You can't know this.  Most of the staff at Comcast wouldn't even know this.  This could very likely be a case where Comcast decided to drop VPN traffic every hour to discourage constant connections which is something that wouldn't be allowed under net neutrality. 


Okay, let's go with your scenario. How would this benefit Comcast?


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)


@darkangelic wrote:

@GregMo72 wrote:

@Nerdburg wrote:

This is not a net neutrality issue.


You can't know this.  Most of the staff at Comcast wouldn't even know this.  This could very likely be a case where Comcast decided to drop VPN traffic every hour to discourage constant connections which is something that wouldn't be allowed under net neutrality. 


Huh? That doesn't make sense. A cable modem by its very nature is an always on internet connection. 


In watching the connected devices on my cable modem, my phone remains connected.  It is the VPN connection my phone has made to my company's VPN that is being terminated.  Once the termination occurs, I can still see my phone as connected (at least until the phone reboots a few minutes later).  But it cannot make a phone call because the VPN connection has been lost.

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@rdmcclintock wrote:

@darkangelic wrote:

@GregMo72 wrote:

@Nerdburg wrote:

This is not a net neutrality issue.


You can't know this.  Most of the staff at Comcast wouldn't even know this.  This could very likely be a case where Comcast decided to drop VPN traffic every hour to discourage constant connections which is something that wouldn't be allowed under net neutrality. 


Huh? That doesn't make sense. A cable modem by its very nature is an always on internet connection. 


In watching the connected devices on my cable modem, my phone remains connected.  It is the VPN connection my phone has made to my company's VPN that is being terminated.  Once the termination occurs, I can still see my phone as connected (at least until the phone reboots a few minutes later).  But it cannot make a phone call because the VPN connection has been lost.


Are you trying to bolster that user's argument that this is a Net Neutrality issue? Because you're overlooking some salient points:

 

  1.  All a VPN does is encrypt traffic from one node to another to maintain security, which is pretty much what anyone using Google Chrome has.  Since nobody has seen Chrome suddenly be unable to connect to the internet, that can't be the case.
  2.  One of the users above maintains that a laptop on a VPN remains connected even as their phone drops the connection. How does that make sense if there's throttling involved, since surely a laptop consumes more data than a phone?
  3. Another maintains that their users got their phone issues fixed by equipment swaps, upgrades or even a downgrade. So how does this tie in with Net Neutrality?

 

If what I suspect is true, and only the Comcast leased gateways are affected, that means this is a routing issue with the gateways, and thus a technical problem. Net Neutrality has nothing to do with it. 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)


@darkangelic wrote:

@rdmcclintock wrote:

@darkangelic wrote:

@GregMo72 wrote:

@Nerdburg wrote:

This is not a net neutrality issue.


You can't know this.  Most of the staff at Comcast wouldn't even know this.  This could very likely be a case where Comcast decided to drop VPN traffic every hour to discourage constant connections which is something that wouldn't be allowed under net neutrality. 


Huh? That doesn't make sense. A cable modem by its very nature is an always on internet connection. 


In watching the connected devices on my cable modem, my phone remains connected.  It is the VPN connection my phone has made to my company's VPN that is being terminated.  Once the termination occurs, I can still see my phone as connected (at least until the phone reboots a few minutes later).  But it cannot make a phone call because the VPN connection has been lost.


Are you trying to bolster that user's argument that this is a Net Neutrality issue? Because you're overlooking some salient points:

 

  1.  All a VPN does is encrypt traffic from one node to another to maintain security, which is pretty much what anyone using Google Chrome has.  Since nobody has seen Chrome suddenly be unable to connect to the internet, that can't be the case.
  2.  One of the users above maintains that a laptop on a VPN remains connected even as their phone drops the connection. How does that make sense if there's throttling involved, since surely a laptop consumes more data than a phone?
  3. Another maintains that their users got their phone issues fixed by equipment swaps, upgrades or even a downgrade. So how does this tie in with Net Neutrality?

 

If what I suspect is true, and only the Comcast leased gateways are affected, that means this is a routing issue with the gateways, and thus a technical problem. Net Neutrality has nothing to do with it. 


Nope, not trying to bolster the Net Neutrality argument.  I am just trying to report what I know and was reinforcing your point that the cable modem and downstream devices remain connected.  But something is terminating my phone VPN, something that you could count on to tell time.  With almost no exceptions (maybe a few times a week), if I am not on my phone at roughly 58 minutes after the hour, my VPN phone connection is terminated.  If I am on the phone, the connection survives (although for the first time yesterday, I did lose a live phone call).  Once the 58 minute mark is hit, the phone is non-responsive until it reboots, it will start the reboot sequence a few minutes after the VPN connection is lost.

 

In an earlier reply, someone reported that their non-phone VPN was being terminated.  That is not my experience, nor the experience of others in my company that are seeing the same phone problem.  There are at least 5 of us in different parts of the country (Connecticut, Wisconsin, California) that all started seeing this issue with our phones at (roughly?) the same time.  It took us a while to connect the dots and ultimately to find this thread.  My laptop is also connected to a VPN, I do not see any disruption.

 

One of my co-workers also in Connecticut is on a Comcast leased modem like I am.  As I noted above, mine is an Arris modem, hers is a Cisco modem.  It would appear from one of the comments above that a modem reboot and/or a rollback to an earlier version of firmware seemed to solve the issue.  That seems to point at the firmware as the "culprit", but I remain open-minded.  If it is related to the cable modems and it is occurring on different cable modem models, it would seem as if the change was a deliberate change.  Perhaps it's an accidental side effect of some other change, perhaps not.  I do not have enough information to know.

Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

I only put Net Neutrality as theory. The FCC rolled it back on June 11th 2018 and then less than 2 months later this issue appears. The timing of these events just seemed suspicious, but can entirely be coincidental too, although I personally think its Net Nuetrality. In a previous post I mentioned how a Business tech came to my office and would not touch our fiber line. I told him about the issue we are having with the VPN dropping and he said Comcast Home is throttling VPN traffic.  How he knows this I cannot answer, but any sort of throttling is an indication that Comcast Home has rolled back some Net Nuetrality regulations and is now entirely within their right. Personally, I dont care, throttle my VPN, just dont drop it. The tech did say that he knows "gamers" are getting business class internet because traffic with that service is not being throttled. Again, I don't know how he knows this, but its what was said.

 

I appreciate everyones feedback and contributions to this thread. 

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

I can't speak to Net Neutrality. 

 

My guess is Comcast did a modem update of some sort (firmware maybe??) and it's flaky. As we know, VPN needs a constant connection without fail. That is less of an issue when browsing the web. If you lose your internet for 10-15 seconds, you lose VPN, but your browsing or even streaming will just restore. VPN is not that resilient in most cases.

Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

I should have added one more possible variation here (this is outside my area of expertise); a phone connection may also run over a connection using Session Initiation Protocol (SIP) which is established to ensure a certain level or quality of service.  Does that mean that the cable modem or some downstream process is targeting/impacting connections with that protocol?  The issue is not impacting all VPN connections.

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@RandomAmerican wrote:

I can't speak to Net Neutrality. 

 

My guess is Comcast did a modem update of some sort (firmware maybe??) and it's flaky. As we know, VPN needs a constant connection without fail. That is less of an issue when browsing the web. If you lose your internet for 10-15 seconds, you lose VPN, but your browsing or even streaming will just restore. VPN is not that resilient in most cases.


I asked this upthread, but you mentioned that several of your users have had their issues fixed, what equipment did they have before and what do they have now? 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Re: Dropping VPN every hour (Net Neutrality?)

In our case, a couple of users went from an XB3 modem to an XB6 modem. Their problems went away. One person had a firmware rollback on their XB3 modem, and they were fine. 

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

I am a telecommunter using my home internet and VPN.  Today, I've been dropped 4 times from the VPN, 8AM, 9AM, a time I didnt note and 2 PM.   I opened a Comcast Ticket, CR804169380.

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@sharring wrote:

I am a telecommunter using my home internet and VPN.  Today, I've been dropped 4 times from the VPN, 8AM, 9AM, a time I didnt note and 2 PM.   I opened a Comcast Ticket, CR804169380.


Are you using a leased Comcast gateway device? If so, what model is it? 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Frequent Visitor

Re: Dropping VPN every hour (Net Neutrality?)

I purchased a Netgear AC1900 Nighthawk cable modem Wifi router. The problem went away. Seems like the leased modems had a firmware update that is the root problem.

New Poster

Re: Dropping VPN every hour (Net Neutrality?)

Hello, We have about 2500 users connecting via Cisco AnyConnect VPN.  Of this 2500 we have about 100 users having this exact issue.  All users are Comcast Users using the Wireless Gateway 3 router provided by Comcast.  Issue started about a month ago.  The issue is that it's not dropping the connection, the problem is that NAT/PAT on the router is changing the source port mid stream.  I attatched a snapshot of a single datagram exactly when the issue occurs.  One is a capture on the users laptop the source port is 59698.  The other capture is on our VPN server (Cisco ASA) has a source port of 1035.  If you look at the UDP stream before the issue occurs, source port is 59698 on both captures. Everything after this issue occurs port is 1035.  Since the source port changes the ASA is just discarding the traffic because it's not what it's expecting. This looks like a major bug in the software. How do we get Comcast engineering team to look into this issue? 

1.png
2.png
Expert

Re: Dropping VPN every hour (Net Neutrality?)


@dnocito43 wrote:

How do we get Comcast engineering team to look into this issue? 


This thread was elevated to the Comcast Specalists a week ago, they're looking into it right now. I'm going to try and get an update as soon as possible. 

 

In the meantime, since apparently only the XB3 leased gateways appear to be affected, a quick temporary workaround would be to install a personal router and set the gateway to Bridge Mode, as outlined in this KB article.  (At this point, you're probably better off buying your own modem outright, as it'll save you the costs of leasing the equipment as well as give you a lot more control over your network). 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Official Employee

Re: Dropping VPN every hour (Net Neutrality?)

Hello, vpaul1979 - 

 

Thank you for reaching out about this issue, and I'm sorry for the delay. I'm glad to hear that the issue was resolved once a new modem was purchased. 

 

dnocito43 - I would be more than happy to take a look at this further with you. Please send me a PM with your first and last name to get started. Thanks! 

To send me a Private Message, please click my name “ComcastAlly” and click “send a message.”


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Dropping VPN every hour (Net Neutrality?)

Hi,

 

I would like to add that this is also impacting our employees. I work for a 35,000-employee company called “Travelers Insurance”. I support the VPN engineering side and we have thousands of our employees that use the comcast service. Some have business accounts but primarily they are personally owned accounts (Lets only talk about these). Comcast is the only ISP in question as we do not have reports from other ISP’s deliberately dropping VPN. Our servers have no errors or reports. Our log files state the drop is initiated by Comcast (thus keeping all other devices in the home not on VPN connect).

 

We have been having luck with disabling the “Public Hotspots” on users accounts but it is not “solving” it for everyone. Issues started 7-8 weeks ago.

 

This is not a local machine issue or a modem issue. What can be done to prevent this? Modem firmware update? A temp fix of using a router or disabling public hotspots is not an option.

 

Thanks,

Matt

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@OneAndOnlyGravy wrote:

 

This is not a local machine issue or a modem issue. What can be done to prevent this? Modem firmware update? A temp fix of using a router or disabling public hotspots is not an option.

 

Thanks,

Matt


So far every single user impacted by this has been using the leased Comcast XB3 gateway.  Those who have personally owned modems/routers, the Comcast XB6 Advanced Gateway, and XB3's that had older firmware seem to be unaffected.

 

Do you have information that indicates otherwise? 

 

 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Re: Dropping VPN every hour (Net Neutrality?)

Hello All, If your using a SSL VPN like AnyConnect you can check to see if you have DTLS enabled.  When you connect to Cisco AC it builds a TLS connection first.  Then it tries to build a DTLS connection over UDP to make VPN more effient.  When DTLS is established this is used as your data channel. The TLS is still used for tunnel control.  What were seeing is that the DTLS source port is being altered mid stream and effectivly killing the data stream. Our VPN stays connected becuase TLS (control) still works but all data is dropped.  DTLS is not mandatory it's just used to make tunnel more effient.  As a workaround I built a second profile on the ASA that disabled DTLS.  This fixed all drops.  This is not our desired resolution but a band-aid until we can get to the bottom of the issue. 

Regular Visitor

Re: Dropping VPN every hour (Net Neutrality?)

This is great info. No. At this point we have not been writing down every modem model. But the types of calls and when people got new modems from comcast and when they started having issues, points to that modem being the issue.

Expert

Re: Dropping VPN every hour (Net Neutrality?)


@OneAndOnlyGravy wrote:

This is great info. No. At this point we have not been writing down every modem model. But the types of calls and when people got new modems from comcast and when they started having issues, points to that modem being the issue.


Over the past few months Comcast has been migrating customers with older modems or gateway to the newer models - the XB3 for speeds up to 250 Mbps, and the XB6 for 400 Mbps and Gigabit - to support faster speeds. Most of them probably were given the XB3, since they were subscribed to those speed tiers. ....quite serendipitous. 

 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Official Employee

Re: Dropping VPN every hour (Net Neutrality?)

Hi, OneAndOnlyGravy - 

 

I can help with this issue. Like others have said, this is likely an issue with the modem. If you need help replacing the modem, please send me a PM with your first and last name. Thanks! 

 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Re: Dropping VPN every hour (Net Neutrality?)

@ComcastAlly wrote:

Hi, OneAndOnlyGravy - 

 

I can help with this issue. Like others have said, this is likely an issue with the modem. If you need help replacing the modem, please send me a PM with your first and last name. Thanks! 

 


I've contacted a handful of users and model numbers are below. 

 

TG1682G WG3
TG1682G WG3
TG1682G WG3
TG1682G WG3
TG1682G WG3

DPC3941T WG3

DPC3941T WG3

 

Software levels are:

 

eMTA & DOCSIS Software Version: 10.1.27B.SIP.PC20.CT
Software Image Name: TG1682_3.1p5s1_PROD_sey
Advanced Services: TG1682G
Packet Cable: 2.0

 

and

 

eMTA & DOCSIS Software Version: 10.1.27B.SIP.PC20.CT
Software Image Name: TG1682_3.1p3s2_PROD_sey
Advanced Services: TG1682G
Packet Cable: 2.0

Official Employee

Re: Dropping VPN every hour (Net Neutrality?)

Hi, All - 

 

I just wanted to let you know that I'm researching this issue further. I will respond back to each of your PM's when I have more information and update this thread as well. Thanks for your patience!


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Official Employee

Re: Dropping VPN every hour (Net Neutrality?)

Hi, everyone! 

 

I was able to find more information regarding the VPN issues you're referring to. It does look like this is a known issue that seems to affect the XB3 platform that we are working on. A temporary workaround is to place the affected client in the XB3's DMZ. I apologize for the inconvenience. 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Re: Dropping VPN every hour (Net Neutrality?)


@ComcastAlly wrote:

Hi, everyone! 

 

I was able to find more information regarding the VPN issues you're referring to. It does look like this is a known issue that seems to affect the XB3 platform that we are working on. A temporary workaround is to place the affected client in the XB3's DMZ. I apologize for the inconvenience. 


Thanks ComcastAlly,  Do you have an ETA of a permanent fix?

Official Employee

Re: Dropping VPN every hour (Net Neutrality?)

dnocito43 - I don't have an ETA yet, however, I can update the thread here once one becomes available.


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Dropping VPN every hour (Net Neutrality?)


@ComcastAlly wrote:

Hi, @ComcastAlly

 

What do you mean by place the affected client in the XB3's DMZ?

I also work from home and have a XB3 leased from Comcast and have been having this issue for several weeks.