1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

DirecWay Satellite Connection

Discussion in 'Networking' started by rocknchic, Apr 23, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    :confused:

    Does anyone know why I cannot log into my employers VPN network using my Direcway connection?

    I have satellite internet with Direcway, and it works for everything else I do. But when I go to sign in at work, it says the remote computer is not responding... and I know it should be.

    Why do I have a feeling I'm going to find out this is impossible to do??... lol I HATE dialing in.
     
  2. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    This is all I can find.. in English anyone?


    Q: Can I run a VPN over DIRECWAY Professional?
    A: Running a VPN client over a satellite network is not an ideal configuration. Although most VPN clients will work, average download speeds with the VPN active will be reduced from typical DIRECWAY speeds by as much as 50 to 75 percent. When you need to access information from your corporate LAN you can enable your VPN client, keeping in mind that you will see a reduction in throughput. When the VPN session is finished simply disable your VPN client and enjoy the full speed of DIRECWAY while surfing the Internet.

    At this time, HUGHES does not endorse or support any VPN products. Customers that run VPN products do so at their own risk and will not receive support from HUGHES regarding troubleshooting, configuring, optimizing, or maintaining a VPN connection. It is recommended to use a VPN client on a limited basis.

    << back to top

    22 Q: Why does the service slow down when used in conjunction with a VPN?
    A: Without consideration for the latency introduced by the path delay to geosynchronous communications satellites (in orbit above the earth’s equator at an altitude of 22,300 miles), high-speed Internet transmission would be difficult. Satellite service providers do however offer high-performance Internet access over satellites (like DIRECWAY) using sophisticated TCP/IP protocol processing and data acceleration algorithms. An IPSEC/VPN secure encrypted connection (IPSEC is the most widely used VPN technology in use) encapsulates the TCP/IP data (called tunneling) which renders useless these performance enhancement techniques. Hence the user’s speed is degraded.

    Secure network architectures using satellite access requires a disciplined implementation and close coordination between the service provider and the corporate network customer. Have your IT or data network representative contact HNS re: these specialized services.
     
  3. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
  4. 10forcash

    10forcash

    Joined:
    Aug 7, 2003
    Messages:
    343
    VPN Over direcway is problematic at best, due to the latency of the link ( the time from you to the satellite to the earthstation and to the other IP address) even if the other end of the VPN tunnel is on direcway, the satellite cannot 'route' the data, it has to go to the earthstation first. We use the european version of Direcway, even though all remote nets are on the same subnet (192.168.6.xxx) VPN links are not viable.
    HOWEVER, the DW6000 uses a different satellite and protocols, rumour has it ( in europe at least) that the latency and satellite software is improved enough to unofficially allow VPN to work.
    We currently encrypt all data using an implementation of PGP, as the data is time sensitive, any decription more than 2 hours old doesn't matter.
    not tried the DW6000 yet but I have a new site install somewhere sandy happening soon, so if VPN works, i'll let you know.
    Cheers,
    10forcash
     
  5. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    Well that's what I have- DW6000... theoretically, connecting to a VPN "should" work according to what I'm reading, but should have lagged speeds... even with lagged speeds wouldn't it still be faster than dial-up? So why can't I get it even to connect? Of course Direcway will not support any sort of VPN "officially" so calling my install guy won't help. Grr... I'm trying this question at some direcway "boards" I found online in hopes of finding an answer... this is making me crazy! I do not want to connect through dial up- it's so.. SO slow.. :(
     
  6. 10forcash

    10forcash

    Joined:
    Aug 7, 2003
    Messages:
    343
    Is your VPN server using fixed IP access ?
    Cheers,
    10forcash
     
  7. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    mmmm I dont think so... seems we had different IP's when I had comcast... it would change now and then... and it never affected my VPN connection.
     
  8. 10forcash

    10forcash

    Joined:
    Aug 7, 2003
    Messages:
    343
    Is Comcast Satellite or xDSL / Cable ? The MTU on your VPN server may need to be increased to allow for the latency
    Cheers,
    10forcash
     
  9. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    errr... it's Direcway... I don't have the option of comcast cable or dsl.. they aren't available in my area.... hence the satellite. I could always dial into the VPN through dial up.. but that's insanely slow... even with the latency, satellite would be faster than dial up. But it hasn't connected so far... perhaps because of the altency, the vpn server rejects me.. not sure...

    *help!*
     
  10. 10forcash

    10forcash

    Joined:
    Aug 7, 2003
    Messages:
    343
    Yep, I know youre on Direcway, I was asking if comcast was satellite or cable to acertain if, assuming Comcast is satellite, your VPN link had ever worked over a high latency link
    Cheers,
    10forcash
     
  11. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    ohhh. **slaps forehead**

    No, the reference to Comcast was when I had cable... I moved though.. and now cable isn't available anymore. :(

    VPN worked fine- GREAT in fact, on the cable link.
     
  12. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    I had one other thought... and mind you.. I'm OBVIOUSLY not a networking guru... my employer uses Win 2000 for their VPN.. client.. or whatever.. (me no speak techie language!)

    Just wondering if perhaps there is a setting that limits the amount of time I have to connect to the VPN... For instance... if the connection isn't made with 5 seconds, it would time out and boot me. ???? I get the error, "the remote computer has not responded" do you (or anyone) know if this is a possibility? Something they could potentially change?
     
  13. 10forcash

    10forcash

    Joined:
    Aug 7, 2003
    Messages:
    343
    VPN's do have timeouts, yes, however Direcway uses a fair bit of port redirection / blocking. Ask your sysadmin to check their VPN logs for errors relating to your attempted logons, giving them the date / times may make them more conducive to help, also, increasing your network MTU may help - but not too much!! Use something like Dr.TCP or similar, also try looking at www.copperhead.cc you may find more info on there
    Cheers,
    10forcash
     
  14. 10forcash

    10forcash

    Joined:
    Aug 7, 2003
    Messages:
    343
    Just found this,
    Might not help much but it does explain the North American implementation of Direcway
    Will VPN work over DirecWay ? :

    Generally speaking, VPN will not work over 2-way residential service no mater who the dealer is. This is because the residential service offering does not come with a option for a Live IP. The IP address that is used is placed behind a Cisco Pix Firewall that does NAT (Network Address Translation). Most (if not all) VPN solutions require a live IP to be assigned to the host. When the VPN (ipsec or pptp) packets pass thru the NAT they are modified and as such are discard by the VPN server because they are modified. Now wait a minute you say. "Early on when the service just started I could do VPN"… Some NAT's (Cisco pix) have addressed this problem and allow a VPN connection to traverse across the NAT with the following limitations.

    1. Only one VPN connection per VPN server.( I.E first person connects to a vpn server at 207.0.0.1. The second person tries to connect to the same vpn server at 207.0.0.1 would fail.

    2.The NAT must not be doing PAT (Port Address Translation). This happens when the NAT has more clients using it that real IP address assigned to it.

    When the 2-Way service was new the NAT had enough IP's so it didn't do PAT. Now that many people are using the service now it is mostly doing PAT. And a such VPN will not work.

    Hughes (and I'll assume powered by) has the option for a Live IP on their Business accounts. To do this they have Gateways that are all Live IP's. Having this will let you do VPN but I will caution you that the performance of VPN over 2-way is low. This is because all of the optimization that Hughes does to minimize satellite latency is lost . I find that VPN over 2-way is about the same as 128 ISDN on receive and at best 33.6-28.8 dial up on return. As well not all VPN clients will install on a system with NAV as some modify the network adapter that it is bound to. Doing this breaks the Satellite USB NIC.
    The following is a list of VPN client that I know work over 2-way Live IP.

    Microsoft's PPTP
    Cisco
    Nortel's Extranet client
    Indus River
    Borderware Secure
    PGP
    Checkpoint does not work (use PGP as client for Checkpoint server)

    The exception to the above is if the network you're trying to connect to supports "Nat Traversal". (Check with your network administrator to find out if this is supported.) Still, even if it does work the connection will be terribly slow due to satellite latency. Even if it does work for you, you might decide using a standard dial-up modem is faster for VPN.

    Cheers,
    10forcash
     
  15. rocknchic

    rocknchic Thread Starter

    Joined:
    Oct 20, 2002
    Messages:
    543
    .... *cries*

    so who's gonna fix it?! lol

    ok ok.. I think.. I am screwed. I have found my first "downside" to the boondocks!

    Thank you anyway, 10forcash... I appreciate the help.. even if it "is" bad news. :)
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/223159

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice