Hi all. I recently updated my Verizon home router from G1100 to the G3100. I was very excited about the upgrade; however, three days later I started to notice some issues with my home lab environment which was initially connected off of the G1100. I was getting dropped from my HTTPS sessions as well as getting timeouts in my SSH sessions. Then, I started to noticed my pings to google from my home switch were getting truncated. At that point, I knew something was wrong because the only thing I changed was the Verizon home router nothing in my home lab. My current home lab set up consist of a Fortigate firewall off of the Verizon G3100 router Ethernet port. Then behind my firewall are my switches and servers. This set up was working perfectly fine with the G1100, but once the new G3100 was installed I have been having a lots of issues. Has anyone experience the same types of issue with the new Verizon G3100 home router? If so, were you able to resolve the issue? Help is needed. Thanks everyone.
Can you give a more detailed account of your home lab network setup? For instance, what devices are you using? Which device has problems?
HTTPS and SSH timeout may have to do with the TCP Session Timeout setting in G3100. Pinging gets truncated is bewildering since you are not pinging through a long distance or from a poor connection. If the Firewall lets a ICMP packet through, it will apply the rules unilaterally to let other similar ICMP packets through.
Hi, thanks for the reply. It's all of my devices including the Firewall. I have attached my home lab diagram which illustrates my connection from my 192.168.1.x network and connecting to my home lab environment. This was working perfectly fine without any issue when I had the G1100 installed.
The problem I am having is my HTTPS, and SSH continues to timeout when I log from 192.168.x network. Or when I ping from my core switch the packet are being truncated. This is very frustrating.
See my diagram.
My home lab diagram for some odd reason is not uploading. See below what I created. Again this was working fine with the G1100. Thanks for your help by the way.
Home Network (192.168.x.x) and Lab Network (10.x.x.x). I am NATing at the FW.
HomeNetwork(192.168.x)------->Fios-G3100-Router<-------->Fortigate-Firewall(ICMP is allowed)------>CoreSwitch (ping 188.8.131.52. This is getting truncated)
First of all, I am quite impressed by your home network/lab setup, very sophisticated and well-geared. Are you an IT or in other related fields? There are lots of layer 2 and 3 devices and some are link aggregated as well.
Can you check the firewall logs in both your Fortigate firewall and G3100? For G3100, you need to enable logging by going to... (well, I can only give you the tentative steps since I have G1100) Firewall -> Security Log -> Settings -> check All Blocked Connection Attempts, Accepted Incoming Connections, and Accepted Outgoing Connections.
I think your Fortinet firewall (and all of your managed switches) can support port mirroring? You can just mirror all the uplink ports and use WireShark to monitor all of your traffic. At least for me, my Cisco RV260 (installed this Tuesday to replace G1100. I like G1100's 5GHz 802.11ac speed, so I placed it upstair as a MoCA/switch/access point.) supports port mirroring.
Another thing to mention is that G3100 seems to support VLAN tagging, you can notice that in firewall logs, "IN: eth0.untag" for example. Therefore, I can conclude that G3100 knows more about VLANs than G1100.
Ok thank you so much. I will definitely try your troubleshooting tips for sure this following week. I hope I can get this resolved soon. I will keep you all posted. Yes, I am in the IT field. Never had this issue with G1100. Thanks again.