CR1000B router Kernel warnings LOTs of [pkt_illegal] errors. VPN speeds tanked.
Hello! So for some reason my previous post / account locked me out, had to sign into my Verizon account and make a new community account, so reposting for visibility.
So I just upgraded finally to 2.5gbps fiber (yay). I previously had the old black router (GS1100 I think) with my old gig fiber. Had zero issues. Less than a week into my new equipment, whenever I have my VPN connected I'm getting insane amounts of kernel errors in my Firewall log on my router. I've tried setting my firewall to Low, I've disabled DNS rebind protection (was getting an insane amount of those errors from my media server) and still no luck. The majority of the time with my VPN, speedtests seem to be locked at ~140mbps - 150mbps, getting A LOT of the errors below:
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= MAC=08:27:xx:xx:xx:xx:d0:76:xx:xx:xx:00:08:00 src=52.36.194.121 DST=xx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=0 DF PROTO=TCP SPT=443 DPT=43730 WINDOW=0 RES=0x00 RST URGP=0 MARK=0xb
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= MAC=08:27:xx:xx:xx:xx:d0:76:xx:xx:xx:00:08:00 src=44.230.178.227 DST=xx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=0 DF PROTO=TCP SPT=443 DPT=34672 WINDOW=0 RES=0x00 RST URGP=0 MARK=0xb
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= MAC=08:27:xx:xx:xx:xx:d0:76:xx:xx:xx:00:08:00 src=157.240.229.61 DST=xx.xxx.xxx.xxx LEN=91 TOS=0x00 PREC=0x00 TTL=57 ID=50612 DF PROTO=TCP SPT=5222 DPT=52428 WINDOW=278 RES=0x00 ACK PSH FIN URGP=0 MARK=0xb
XXX'd out my IP.
No idea what they mean, but it TANKS my internet speed with VPN. The weird thing is that once I reboot the router, it will work perfectly fine for a little bit, anywhere from 30 minutes to 3 hours, but in the end it always craps out and tanks my speed. Never had any issues with my old equipment but NEED to get this fixed. Was hoping someone could shed some light or have had the same issue, I need this fixed.
I have also noticed the errors are constantly popping up on the router even when the VPN is off. I've noticed a reboot of the router will temporarily fix the issue, but it happens again within an hour or so.
***I went out and purchased a brand new 3rd party router, took the Verizon router out of the equation and my problem seemed to go away, so it seems like something is going on with my new equipment.*** After putting the Verizon router back in place, my issue came back shortly after.
EDIT: With ProtonVPN I'd normally get around 1600mbps - 2000mbps down and around 900mbps - 1300mbps up, and now with this issue I'm getting around 140-150mbps down and around 400mbps up.
Looking forward to getting this resolved asap. Thank You!
DNS Rebind Protection has nothing to do with this.
What VPN protocol does ProtonVPN use?
It uses WireGuard UDP.
I forgot to mention I was getting huge amounts of errors in the firewall log too, showing DNS rebind errors or "attacks" on my Plex server, which was not getting attacked. I forget exactly what it said, but that's why I disabled that. I've been trying all kinds of things since I've been having this issue as of getting the new equipment; the only thing I've noticed that "fixes" it is rebooting the router, and it'll work for a little, or not using the Verizon router at all.
But all the log entries you have are PROTO=TCP. Not UDP.
DNS rebind is not some devices getting attacked. It received a DNS response that resolved to an internal RFC 1918 IP, which should not occur.
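The check made in the reply above (every quoted entry is PROTO=TCP, while WireGuard runs over UDP) can be run over a whole firewall log export instead of by eye. This is an added example, not part of the original thread; the sample lines and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "ECE", "CWR"}

# Constructed sample lines in the format quoted in the thread; the addresses are
# documentation ranges (RFC 5737), not values from the post.
SAMPLE_LOG = """\
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= src=198.51.100.10 DST=203.0.113.5LEN=40 TTL=245 ID=0 DF PROTO=TCP SPT=443 DPT=43730 WINDOW=0 RES=0x00 RST URGP=0 MARK=0xb
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= src=198.51.100.11 DST=203.0.113.5 LEN=91 TTL=57 ID=50612 DF PROTO=TCP SPT=5222 DPT=52428 WINDOW=278 RES=0x00 ACK PSH FIN URGP=0 MARK=0xb
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= src=198.51.100.12 DST=203.0.113.5 LEN=44 TTL=52 ID=1 PROTO=TCP SPT=40000 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0xb
[FW] IPTABLES [Pkt_Illegal] IN=eth1 OUT= src=198.51.100.13 DST=203.0.113.5 LEN=176 TTL=55 ID=2 PROTO=UDP SPT=51820 DPT=40123 LEN=156 MARK=0xb
not a firewall line
"""

def parse_line(line):
    """Return the fields of one [Pkt_Illegal] line as a dict, or None if it is not one."""
    if "[Pkt_Illegal]" not in line:
        return None
    # A hand-redacted address can swallow the space before LEN=; restore it.
    line = re.sub(r"(?<=[0-9A-Za-z])LEN=", " LEN=", line)
    fields = {}
    for key, value in re.findall(r"\b([A-Za-z]+)=(\S*)", line):
        fields.setdefault(key.upper(), value)  # accepts src=/SRC=, keeps the first LEN
    if "PROTO" not in fields:
        return None
    fields["FLAGS"] = frozenset(tok for tok in line.split() if tok in TCP_FLAGS)
    return fields

def classify(fields):
    """Bucket a parsed entry by protocol and, for TCP, by what its flags indicate."""
    if fields["PROTO"] != "TCP":
        return fields["PROTO"].lower()
    flags = fields["FLAGS"]
    if "SYN" in flags and "ACK" not in flags:
        return "tcp-syn"        # inbound attempt to open a connection
    if flags & {"RST", "FIN"}:
        return "tcp-teardown"   # reset or close of a connection
    return "tcp-other"

def summarize(text):
    parsed = [f for f in map(parse_line, text.splitlines()) if f]
    return {"by_kind": Counter(classify(f) for f in parsed),
            "by_source_port": Counter((f["PROTO"], f.get("SPT")) for f in parsed)}

if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG)
    print(summary["by_kind"], summary["by_source_port"].most_common(3))
```

A log in which the `udp` bucket stays empty while the tunnel is up shows the logged drops are not the WireGuard packets themselves.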
Ahh ok. But yeah, my local IP of the Plex server was showing an insane amount of the DNS rebind messages, hence why I disabled it.
Those pkt illegal errors happen all the time on a lot of devices no matter if I'm using the VPN or not, but it pops up more when I use the VPN and absolutely tanks my speed on the PC with the VPN. I'm not super knowledgeable about these errors or in-depth knowledge of networking. So I'm just trying to give as much info as I can to hopefully find a resolution.
I bought a TP-Link router, used that as my main router, connected the WAN port on my VZW to the LAN out of the new router (so my Fios Cable will still work) and the issue seemed to have gone away, with no errors in the new router firewall log. I ran the network like that for an hour or 2 and the issue never came back, but shortly after reverting back to normal - using only the Verizon router - the issue came back.
FW Packet Illegal really does not indicate any major issues. There are a bunch of bad actors on the Internet constantly sniffing for open ports to attack.
I don't know how you set up the WireGuard tunnels, or whether port triggering is required. I can't really troubleshoot without you giving me some more detailed information on the WireGuard tunnels.
It's just odd that constantly, 24/7, there are always those kernel messages popping up on the router. It's not like 1 every second, but it's constant and 100% happens whenever I connect to the VPN as well.
And nothing needs to get done on the router as far as port forwarding or anything. I even set my local IP on my PC as a DMZ and it didn't change anything. The software automatically creates a tunnel for me to connect to that all traffic flows through. Then I just select whatever server I want to connect to.
FYI the VPN is a Windows app that does everything through Windows, nothing needs to get done on the router side of things. I've been testing a new router for the past 12 hours and it seems to have fixed the issue, so I believe it's something inside of the Verizon router. Unfortunately, due to Verizon's proprietary cable box system, Verizon doesn't support 3rd party routers with cable TV 😞