FRITZ!Box 7530 - modem mode

Post by Graham J
The FRITZ!Box 7530 shows the DSL connection is good, and there are
sensible figures for speed, SNR margins, etc.
I connect my Ethernet router to a LAN port on the FRITZ!Box 7530; but
the Ethernet router always shows "No reply from PPPoE server".
So it appears that the PPPoE traffic does not travel through the
FRITZ!Box 7530.

Do you need to specify a VLAN on your router? 101 would be my first
guess for an openreach supplied conn

Graham J

2024-05-07 11:45:14 UTC

Do you need to specify a VLAN on your router? 101 would be my first
guess for an openreach supplied connection.

Yes, and VLAN tag = 101 is specified.

--
Graham J

Theo

2024-05-07 15:19:25 UTC

Post by Graham J
So it appears that the PPPoE traffic does not travel through the
FRITZ!Box 7530.
Has anybody ever succeeded in getting a FRITZ!Box 7530 to function in
modem mode? What did you do to get it working?

Is this a vanilla 7530 or one issued by Zen? When I bought a Zen one
secondhand I think it had a Zen-specific firmware on it (I reflashed it with
OpenWRT so I didn't pay much attention).

Maybe there is vanilla firmware that can be downloaded from Fritzbox and
flashed?

Theo

Graham J

2024-05-07 15:57:41 UTC

Theo wrote:

[snip]

Post by Theo
Is this a vanilla 7530 or one issued by Zen? When I bought a Zen one
secondhand I think it had a Zen-specific firmware on it (I reflashed it with
OpenWRT so I didn't pay much attention).

[snip]

It's one issued by Zen. It doesn't belong to me, so I don't want to
re-flash it. This is for a reliability test, so I only need the modem
mode for a week or two.

So far as I can tell, it's factory configuration is:

Username = ***@zen
Password = ****

and it has VLAN-ID = 101

.... so it is intended to connect to the Zen provisioning server,
present its serial number, and get the specific user configuration.

With an invalid connection username its own PPPoE session is never
established - which is what I want for modem mode.

The checkbox for PPPoE Passthrough should allow PPPoE traffic entering
on a LAN port to exit via the VDSL modem - but this doesn't happen.
I've tried LAN ports 1 and 4, and tried again from power up without any
other device connected to any LAN port.

--
Graham J

Andy Burns

2024-05-07 16:04:45 UTC

Password = ****
and it has VLAN-ID = 101
.... so it is intended to connect to the Zen provisioning server,
present its serial number, and get the specific user configuration.

Will it use

Graham J

2024-05-07 16:32:30 UTC

Andy Burns wrote:

[snip]

Will it use TR-069 config?

That's the usual configuration.

But NO, I don't want to use TR-069. I have an Ethernet router and the
PPP credentials are configured in its WAN port. So I want the FRITZ!Box
7530 to function in modem mode.

The reason I have an Ethernet router is to achieve a LAN-to-LAN VPN,
which the FRITZ!Box 7530 does not offer.

But I need to use the FRITZ!Box 7530 to demonstrate to the ISP that
their VDSL connection is unreliable.

--
Graham J

Andy Burns

2024-05-07 16:55:58 UTC

Will it use TR-069 config? >

That's the usual configuration.
But NO, I don't want to use TR-069.

You (most likely correctly) might not want to, but what does Zen want?
e.g. plusnet have the option (if you talk nicely to them) to remove a
given serial number router from TR-069 system.

Post by Graham J
I have an Ethernet router and the
PPP credentials are configured in its WAN port. So I want the FRITZ!Box
7530 to function in modem mode.
The reason I have an Ethernet router is to achieve a LAN-to-LAN VPN,
which the FRITZ!Box 7530 does not offer.

could you use e.g. openVPN on your other router, with port forwarding
from the Fritz!

Post by Graham J
But I need to use the FRITZ!Box 7530 to demonstrate to the ISP that
their VDSL connection i

Graham J

2024-05-07 18:39:21 UTC

Will it use TR-069 config? >

That's the usual configuration.
But NO, I don't want to use TR-069.

You (most likely correctly) might not want to, but what does Zen want?
e.g. plusnet have the option (if you talk nicely to them) to remove a
given serial number router from TR-069 system.

As I understand it, a router uses TR-069 to get its intended
configuration. It does this by using an internet connection established
using a fixed username & password; then sending its unique serial
number. But I don't need the FRITZ!Box 7530 to connect to a Zen server
at all; my Ethernet router does that, which I have configured with the
user's credentials.

So TR-069 is irrelevant.

[snip]

Post by Andy Burns
could you use e.g. openVPN on your other router, with port forwarding
from the Fritz!

A brief review of openVPN suggests I could not implement a LAN-to-LAN
VPN. Am I wrong?

Post by Graham J
But I need to use the FRITZ!Box 7530 to demonstrate to the ISP that
their VDSL connection is unreliable.

My initial post shows a link which claims to have a FRITZ!Box 7530
working in modem mode - but I suspect it has missed out a key fact. But
I can't find anybody else on the internet who has been successful -
everybody else says it fails.

--
Graham J

Andy Burns

2024-05-07 19:02:32 UTC

Post by Graham J
A brief review of openVPN suggests I could not implement a LAN-to-LAN
VPN. Am I wrong?

OpenVPN says it can do site-to-site, though I've only ever used it in
road-warrior mode, certainl

David Wade

2024-05-07 22:00:13 UTC

Post by Graham J
[snip]

Will it use TR-069 config?

That's the usual configuration.
But NO, I don't want to use TR-069. I have an Ethernet router and the
PPP credentials are configured in its WAN port. So I want the FRITZ!Box
7530 to function in modem mode.
The reason I have an Ethernet router is to achieve a LAN-to-LAN VPN,
which the FRITZ!Box 7530 does not offer.

The 7530 does do Lan-2-Lan. In fact I am sending this using a pair of
7530s configured for lan to lan access using Wireguard. I swapped a
remote Draytek for a second 7530 after moving to Zen FTTP because the
Drayteks I used to use had poor VPN throughput (check the figures).

Post by Graham J
But I need to use the FRITZ!Box 7530 to demonstrate to the ISP that
their VDSL connection is unreliable.

Are you sure its their VDSL not your existing router.

Dave

Graham J

2024-05-08 07:24:20 UTC

David Wade wrote:

[snip]

Post by Graham J
The reason I have an Ethernet router is to achieve a LAN-to-LAN VPN,
which the FRITZ!Box 7530 does not offer.

The current arrangement is a Vigor 2860 at my office connecting via VPN
to a Vigor 2830 at the remote location. For the purpose of testing the
VDSL service I wish to use a FRITZ!Box 7530 in place of the Vigor 2830.
Ideally I would like to achieve this by configuring the FRITZ!Box 7530
to emulate the VPN settings of the Vigor 2830, so I don't have to
reconfigure anything in the V2860. Do you know whether this is
possible, please?

Further, I would like the FRITZ!Box 7530 to respond to pings from the
internet, so I can use an independent connection monitoring service such
as F8Lure see <https://f8lure.mouselike.org/auth.asp> - but I've not
been able to find out how to do this.

Post by Graham J
But I need to use the FRITZ!Box 7530 to demonstrate to the ISP that
their VDSL connection is unreliable.

Are you sure it's their VDSL not your existing router?

This is a separate issue, but yes. The configuration is a V130 modem
connecting to a V2830 router. Until 29 April the service was ADSL and
it was reasonably reliable - it re-sync'ed perhaps one per month.

On 29 April the service was regraded to VDSL as part of a conversion to
SoGEA, and the landline phone service was ported to Voipfone. Clearly
the VoIP service requires the underlying broadband to be 100% reliable.

The V130 and V2830 did not change, but since the regrade the VDSL
service has been very unreliable - it re-sync's 3 or 4 times per day,
and has never been up for more than about 10 hours. I am aware that
there may be a few days of training - but the unreliability is much the
same now as it was in the few days immediately following 29 April.

The ISP is Zen. In order to persuade them to call out Openreach I need
to replace everything at the user site - the faceplate filter, the cable
to the modem, and the modem. Hence my wish to use the FRITZ!Box 7530 in
modem mode. Zen report that every break in service is associated with a
loss of sync, which then causes the PPPoE to drop and reconnect. So the
PPPoE link is not the primary failure, which means that the V2830 is not
the cause of the problem.

--
Graham J

Andy Burns

2024-05-08 07:33:17 UTC

Post by Graham J
Ideally I would like to achieve this by configuring the FRITZ!Box 7530
to emulate the VPN settings of the Vigor 2830

My vigor offers half a dozen VPN protocols, which are you using?

Post by Graham J
so I don't have to reconfigure anything in the V2860

Generally VPN devices *love* to disagree about configuration options, so
I doubt you'll get away with doing nothing ...

Graham J

2024-05-08 08:24:35 UTC

Post by Graham J
Ideally I would like to achieve this by configuring the FRITZ!Box 7530
to emulate the VPN settings of the Vigor 2830

My vigor offers half a dozen VPN protocols, which are you using?

IPSec Tunnel, IKEv1
IKE Pre-shared key
AES with authentication
No X.509 digital signature for dial-in
Fixed IP at both ends

--
Graham J

David Wade

2024-05-08 12:23:20 UTC

Post by Graham J
[snip]

Post by Graham J
The reason I have an Ethernet router is to achieve a LAN-to-LAN VPN,
which the FRITZ!Box 7530 does not offer.

It also doesn´t do Modem Modem. AVM specifically state this which is why
you can´t get it to work.

https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-7530-AX/3233_Can-the-FRITZ-Box-be-used-as-a-modem/

Post by David Wade
The 7530 does do Lan-2-Lan. In fact I am sending this using a pair of
7530s configured for lan to lan access using Wireguard. I swapped a
remote Draytek for a second 7530 after moving to Zen FTTP because the
Drayteks I used to use had poor VPN throughput (check the figures).

Probably not. The Fritz!Box only supports IPsec and WireGuard.

Post by Graham J
Further, I would like the FRITZ!Box 7530 to respond to pings from the
internet, so I can use an independent connection monitoring service such
as F8Lure see <https://f8lure.mouselike.org/auth.asp> - but I've not
been able to find out how to do this.

I don´t think you can.

Post by Graham J
But I need to use the FRITZ!Box 7530 to demonstrate to the ISP that
their VDSL connection is unreliable.

Are you sure it's their VDSL not your existing router?

I must say that I had similar issues with my V2862 on VDSL. I think I
ended up down grading the V2862 software. The V130 is now quite old. I
wonder if it uses the same modem chipset as V2862...

Post by Graham J
The ISP is Zen. In order to persuade them to call out Openreach I need
to replace everything at the user site - the faceplate filter, the cable
to the modem, and the modem. Hence my wish to use the FRITZ!Box 7530 in
modem mode. Zen report that every break in service is associated with a
loss of sync, which then causes the PPPoE to drop and reconnect. So the
PPPoE link is not the primary failure, which means that the V2830 is not
the cause of the problem.

If its three or four times a day just stick the 7530 for a morning and
see what happens. Alternatively set up the 7530 as a normal router, turn
off PPPoE on the vigour, and route all traffic to it via port sharing.

Dave

Graham J

2024-05-16 09:48:46 UTC

Graham J wrote:

[snip]

Post by David Wade
Are you sure it's their VDSL not your existing router?

[snip]

OP here.

I replaced the V130 modem and V2830 router combo with a brand new V2763
router. Much improved reliability! Connection has now been up for
about 48 hours. I can also capture the DSL performance to syslog.

Syslog shows:
UpSpeed=6889000 DownSpeed=34998000 SNR=7 Atten=23
with SNR=6 sometimes showing.

So I checked the history of the V130 modem.
Purchased 05/03/2015 with 3.7.8 firmware.
Upgraded to 3.8.5.1_BT on 10/04/2024

In use at a customer site for ADSL until sometime 2018 until customer
closed that office.

Installed at current user 10/04/2024 for ADSL - operated with 2 re-syncs
until 29/04/2024 at which point Openreach reconfigured the line for VDSL.

Since then has re-synced several times per day. When measured has shown:

UpSpeed about 7 Mbits/sec
DownSpeed about 39 Mbits/sec
SNR UP 5dB
SNR down 5dB

Most days it would re-sync at about 10am plus or minus half a hour, and
again at 8 pm plus or minus half a hour; and at other more random times.

In the past I've suspected that the modem component of Vigor routers
counts errors and re-syncs when the error count reaches some arbitrary
total. This might explain the strangely regular re-syncs.

Has anybody else seen similar unreliability from Vigor routers?

--
Graham J

Woody

2024-05-16 14:19:13 UTC

Post by Graham J
[snip]

Post by David Wade
Are you sure it's their VDSL not your existing router?

[snip]
OP here.
I replaced the V130 modem and V2830 router combo with a brand new V2763
router. Much improved reliability! Connection has now been up for
about 48 hours. I can also capture the DSL performance to syslog.
UpSpeed=6889000 DownSpeed=34998000 SNR=7 Atten=23
with SNR=6 sometimes showing.
So I checked the history of the V130 modem.
Purchased 05/03/2015 with 3.7.8 firmware.
Upgraded to 3.8.5.1_BT on 10/04/2024
In use at a customer site for ADSL until sometime 2018 until customer
closed that office.
Installed at current user 10/04/2024 for ADSL - operated with 2 re-syncs
until 29/04/2024 at which point Openreach reconfigured the line for VDSL.
UpSpeed about 7 Mbits/sec
DownSpeed about 39 Mbits/sec
SNR UP 5dB
SNR down 5dB
Most days it would re-sync at about 10am plus or minus half a hour, and
again at 8 pm plus or minus half a hour; and at other more random times.
In the past I've suspected that the modem component of Vigor routers
counts errors and re-syncs when the error count reaches some arbitrary
total. This might explain the strangely regular re-syncs.
Has anybody else seen similar unreliability from Vigor routers?

As a point of interest, if BT (preuumably BTOR) do any system changes
they are (or were) always done at 35 mins past the hour - which loosely
fits your time frame?

David Wade

2024-05-16 14:30:25 UTC

Post by Graham J
[snip]

Post by David Wade
Are you sure it's their VDSL not your existing router?

[snip]
OP here.
I replaced the V130 modem and V2830 router combo with a brand new V2763
router. Much improved reliability! Connection has now been up for
about 48 hours. I can also capture the DSL performance to syslog.
UpSpeed=6889000 DownSpeed=34998000 SNR=7 Atten=23
with SNR=6 sometimes showing.
So I checked the history of the V130 modem.
Purchased 05/03/2015 with 3.7.8 firmware.
Upgraded to 3.8.5.1_BT on 10/04/2024
In use at a customer site for ADSL until sometime 2018 until customer
closed that office.
Installed at current user 10/04/2024 for ADSL - operated with 2 re-syncs
until 29/04/2024 at which point Openreach reconfigured the line for VDSL.
UpSpeed about 7 Mbits/sec
DownSpeed about 39 Mbits/sec
SNR UP 5dB
SNR down 5dB
Most days it would re-sync at about 10am plus or minus half a hour, and
again at 8 pm plus or minus half a hour; and at other more random times.
In the past I've suspected that the modem component of Vigor routers
counts errors and re-syncs when the error count reaches some arbitrary
total. This might explain the strangely regular re-syncs.
Has anybody else seen similar unreliability from Vigor routers?

Yes, I mentioned it previously, but I didn't record the details.

Dave

Graham J

2024-05-18 23:14:29 UTC

Graham J wrote:

[snip]

Post by Graham J
Has anybody else seen similar unreliability from Vigor routers?

OP here again.

The V2763 router has just dropped the connection after about 58 hours.

But now I have some diagnostics. Syslog shows:

May 18 21:15:27 V2763ac_Loan: PPP Closed : Remote Terminating (PPPoA)

I guess from this that sync was lost soon after 21:15:27 - but what
caused "PPP Closed : Remote Terminating (PPPoA)" ?

And did "PPP Closed : Remote Terminating (PPPoA)" cause the loss of
sync, or was it reported as a result of the loss of sync?

Any ideas, please?

--
Graham J

Andy Burns

2024-05-19 06:22:13 UTC

Post by Graham J
The V2763 router has just dropped the connection after about 58 hours.
May 18 21:15:27 V2763ac_Loan: PPP Closed : Remote Terminating (PPPoA)

I wouldn't read that as a loss of sync, I'd say the link between you and
the DSLAM stayed up. Either the DSLAM got rebooted, or it lost
connection to something higher up the ATM food-chain ...

Graham J

2024-05-19 06:58:55 UTC

Post by Graham J
The V2763 router has just dropped the connection after about 58 hours.

[OP here - actually about 107 hours - sorry!]

Post by Graham J
May 18 21:15:27 V2763ac_Loan: PPP Closed : Remote Terminating (PPPoA)

I wouldn't read that as a loss of sync, I'd say the link between you and
the DSLAM stayed up. Either the DSLAM got rebooted, or it lost
connection to something higher up the ATM food-chain ...

Interesting. I suspect it is a mistranslation of the original Taiwanese.

Ordinarily the router reports "ADSL_Status" every 28 seconds. But 2
minutes 21 seconds elapsed between "Remote Terminating" and the next
"ADSL_Status" - which suggests retraining.

Anybody know of a definitive explanation?

--
Graham J

Andy Burns

2024-05-19 07:48:28 UTC

Interesting. I suspect it is a mistranslation of the original Taiwanese.

Depends whether the modem considers itself to be the remote, or the
DSLAM as being remote from it ...

any LCP me

Graham J

2024-05-19 09:07:13 UTC

Interesting. I suspect it is a mistranslation of the original Taiwanese.

Depends whether the modem considers itself to be the remote, or the
DSLAM as being remote from it ...
any LCP messages?

Didn't collect any at the relevant moment.

In general they are of the form:

May 19 08:04:58 V2763ac_Loan: WAN1 PPPoE <== Protocol:LCP(c021) EchoReq
Identifier:0x2A Magic Number: 0x9d63 04 4b ##

May 19 08:04:58 V2763ac_Loan: WAN1 PPPoE ==> Protocol:LCP(c021) EchoRep
Identifier:0x2A Magic Number: 0x0 00 00 ##

An there are about 3 such line pairs between each "ADSL_Status" line.

To me they imply that sync is good, since they show PPPoE traffic.

--
Graham J

Andy Burns

2024-05-19 09:27:07 UTC

Post by Andy Burns
any LCP messages?

Didn't collect any at the relevant moment.
May 19 08:04:58 V2763ac_Loan: WAN1 PPPoE <== Protocol:LCP(c021) EchoReq
Identifier:0x2A Magic Number: 0x9d63 04 4b ##
May 19 08:04:58 V2763ac_Loan: WAN1 PPPoE ==> Protocol:LCP(c021) EchoRep
Identifier:0x2A Magic Number: 0x0 00 00 ##

Never anything like TermReq/TermAck ?

Post by Graham J
An there are about 3 such line pairs between each "ADSL_Status" line.
To me they imply that sync is good

Yes, so long as they are being exchanged, sync is good.

Post by Graham J
since they show PPPoE traffic.

Eh? earlier it was showing PPPoA, now PPPoE ... is it ADSL or VDSL?

Graham J

2024-05-19 09:40:48 UTC

Post by Andy Burns
any LCP messages?

Didn't collect any at the relevant moment.
May 19 08:04:58 V2763ac_Loan: WAN1 PPPoE <== Protocol:LCP(c021)
EchoReq Identifier:0x2A Magic Number: 0x9d63 04 4b ##
May 19 08:04:58 V2763ac_Loan: WAN1 PPPoE ==> Protocol:LCP(c021)
EchoRep Identifier:0x2A Magic Number: 0x0 00 00 ##

Never anything like TermReq/TermAck ?

No - never

Post by Graham J
An there are about 3 such line pairs between each "ADSL_Status" line.
To me they imply that sync is good

Yes, so long as they are being exchanged, sync is good.

Post by Graham J
since they show PPPoE traffic.

Eh? earlier it was showing PPPoA, now PPPoE ... is it ADSL or VDSL?

The service is VDSL.

But the Draytek logs appear to use ADSL to include VDSL, so the line:

May 18 21:18:16 V2763ac_Loan: ADSL_Status:[Mode=17A States=SHOWTIME
UpSpeed=6763000 DownSpeed=34998000 SNR=7 Atten=23 ]

... could not possibly refer to ADSL since the up and down speeds are
far to high. Also, the router shows:

"VDSL2Firmware Version: 77B507_A/B/C with Vectoring support"

The router's WAN settings show Protocol=PPPoA

--
Graham J

Graham J

2024-05-20 08:22:22 UTC

Post by Graham J
[snip]

Post by Graham J
Has anybody else seen similar unreliability from Vigor routers?

OP here again.
The V2763 router has just dropped the connection after about 107 hours.
May 18 21:15:27 V2763ac_Loan: PPP Closed : Remote Terminating (PPPoA)

OP again. Yesterday I saw:

May 19 21:00:03 V2763ac_Loan: PPP Closed : Remote Terminating (PPPoA)

This is almost exactly 24 hours since the previous failure, and was at
about dusk. With the previous V130 and V2830 combo there were several
failures per day apparently at random, but some - not every day - were
around 9pm. So I suspect that there is interference from a nearby
street lamp or security light.

Is it likely that VDSL is more susceptible to impulse interference than
the previous ADSL (which worked reliably with the same V130 & V2830 combo)?

--
Graham J

Andy Burns

2024-05-20 08:46:02 UTC

Post by Graham J
This is almost exactly 24 hours since the previous failure

Does the 2763 have a Diagnostics/DSL page? (It'll probably be so slow
loading that you think it's not working!)

On the General tab, what's you up/down SNR margin?

What is the difference between your actual and attainable speeds? If
there's enough "headroom" it ought to be able to cope with a bit of
signal loss through bit-swapping without losing sync.

Take screenshots of the graphs on the Tone Information tab during the
day and night, when you compare them are there any dips?

Graham J

2024-05-20 09:07:55 UTC

Post by Graham J
This is almost exactly 24 hours since the previous failure

Does the 2763 have a Diagnostics/DSL page? (It'll probably be so slow
loading that you think it's not working!)

Yes

On the General tab, what's your up/down SNR margin?

Down 7dB; Up 5dB. I have seen the Down SNR margin as low as 4dB. Was
5dB at 9pm last night when the failure occurred.

What is the difference between your actual and attainable speeds? If
there's enough "headroom" it ought to be able to cope with a bit of
signal loss through bit-swapping without losing sync.

Actual Down 34998 kbits/sec; Up 6744 kbits/sec
Attainable Down 38153 kbits/sec; Up 6740 kbits/sec

Attenuation Down 23dB; Up 36dB

Take screenshots of the graphs on the Tone Information tab during the
day and night, when you compare them are there any dips?

Captured one just now - thanks.

--
Graham J

Andy Burns

2024-05-20 09:32:20 UTC

On the General tab, what's your up/down SNR margin?

Down 7dB; Up 5dB. I have seen the Down SNR margin as low as 4dB. Was
5dB at 9pm last night when the failure occurred.

Mine are essentially constant at 3dB down, 15dB up

What is the difference between your actual and attainable speeds? If
there's enough "headroom" it ought to be able to cope with a bit of
signal loss through bit-swapping without losing sync.

Actual Down 34998 kbits/sec; Up 6744 kbits/sec
Attainable Down 38153 kbits/sec; Up 6740 kbits/sec

actual down 79990 Kbps up 19999 Kbps
Attainable down 86012 Kbps up 25874 Kbps

Attenuation Down 23dB; Up 36dB

Both 11dB for me

Take screenshots of the graphs on the Tone Information tab during the
day and night, when you compare them are there any dips?

Captured one just now - thanks.

Seems like it's your upstream that's struggling, actual up speed is very
close to max attainable, maybe try offsetting the SNR value to sacrifice
speed for reliability?

<https://www.draytek.com/support/know

Graham J

2024-05-20 10:12:16 UTC

Andy Burns wrote:

[snip]

Post by Andy Burns
Seems like it's your upstream that's struggling, actual up speed is very
close to max attainable, maybe try offsetting the SNR value to sacrifice
speed for reliability?
<https://www.draytek.com/support/knowledge-base/4800>

Thanks for the link. I knew I'd seen that somewhere before - long ago,
in relation to a V2800, I think.

Wonder whether it works for the V2763? Will check late this evening.

--
Graham J

Graham J

2024-05-20 21:54:59 UTC

Post by Graham J
[snip]

Post by Andy Burns
Seems like it's your upstream that's struggling, actual up speed is
very close to max attainable, maybe try offsetting the SNR value to
sacrifice speed for reliability?
<https://www.draytek.com/support/knowledge-base/4800>

Thanks for the link. I knew I'd seen that somewhere before - long ago,
in relation to a V2800, I think.
Wonder whether it works for the V2763? Will check late this evening.

No connection failure at about 9pm this evening.

The command:
vdsl snr 50
... changed the downstream SNR margin from 7 to 11, so the command does
work the same way on the V2763. Down speed reduces, from 34998000 to
27904000 - much as expected.

I don't see a command to change the upstream SNR margin - I imagine this
is controlled in the DSLAM.

The Tone Information looks the same as I captured at 10am today.

Changing the vdsl snr delta invokes a modem reboot (as expected) and
suslog shows this as:

May 20 22:08:49 V2763ac_Loan: SaveConfiguration
May 20 22:08:49 V2763ac_Loan: PPP Closed : Remote Terminating (PPPoA)
May 20 22:08:49 V2763ac_Loan: WAN 1 is down.
May 20 22:08:50 V2763ac_Loan: DSL: Modem Shut Down from ADSL Phy Layer (0)

So "Remote Terminating" can clearly mean "tell the remote device to
terminate" rather than "the remote device is telling me to terminate".
Unless anybody knows otherwise?

--
Graham J

Andy Burns

2024-05-21 03:06:39 UTC

Post by Graham J
vdsl snr 50
... changed the downstream SNR margin from 7 to 11, so the command does
work the same way on the V2763. Down speed reduces, from 34998000 to
27904000 - much as expected.
I don't see a command to change the upstream SNR margin - I imagine this
is controlled in the DSLAM.

I thought there was an "up" qua

Graham J

2024-05-21 07:25:08 UTC

Post by Graham J
vdsl snr 50
... changed the downstream SNR margin from 7 to 11, so the command
does work the same way on the V2763. Down speed reduces, from
34998000 to 27904000 - much as expected.
I don't see a command to change the upstream SNR margin - I imagine
this is controlled in the DSLAM.

I thought there was an "up" qualifier on the various Xdsl commands?

Possibly.

vdsl optn

... lists one option as us/ds/bi amongst others such as trellis and
bitswap but there's no implication that us/ds/bi could be used together
with snr. I don't want to try anything since I'm doing this remotely
and would not want to lose access. Maybe next time I visit the site.

It's not explained at:

<https://www.draytek.com/online-manuals/router/v2763/v4.4.2.1/command/#content>

Can you point me to a new telnet command manual - the latest I have is
for the v2800 which I downloaded in 2010 !!!

--
Graham J

Graham J

2024-05-22 14:49:12 UTC

David Wade wrote:

[snip]

Please can I ask your advice?

I have a V2860 in my office and a FRITZ!Box 7530 AX at a nearby location
and would like to set up a VPN between the two. Both locations have
static public IPs.

The V2860 uses IPSec IKEv1 with a pre-shared key, and has the local and
remote IP address configured. I typically use this configuration to
communicate with other Vigor routers.

For this test I have Dial-in only configured, and "Alternative Subject
Name First", Security method Medium (AH), High(ESP DES, 3DES, AES all
checked.

The FRITZ!Box runs FRITZ!OS 7.80. I configured the option "Setting up
an IPSec VPN between two FRITZ!Box networks". So I provide the
pre-shared key and set up the relevant IP addresses, and have "Hold VPN
connection permanently".

The v2860 syslog typically shows:

<141>May 22 15:00:28 V2860n: Responding to Aggressive Mode from <Remote_IP>

<141>May 22 15:00:28 V2860n: Accept Phase1 proposals : ENCR
OAKLEY_AES_CBC, HASH OAKLEY_SHA

<141>May 22 15:00:31 V2860n: IKE ==>, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x4dd30efe

<141>May 22 15:00:31 V2860n: IKE <==, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x244ae727

<141>May 22 15:00:34 V2860n: IKE ==>, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x434a0c5a

<141>May 22 15:00:34 V2860n: IKE <==, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x473a2008

<141>May 22 15:00:36 V2860n: IKE ==>, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x1e8f5eba

<141>May 22 15:00:36 V2860n: IKE <==, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0xf8611671

etc.

This sequence appears to repeat indefinitely, from which I conclude that
the FRITZ!Box is continually trying to gain access. The Vigor sees
this, sends an IKE message, then receives an IKE message. But nothing
more happens.

Any ideas as to how I should get the VPN to work? TIA.

--
Graham J

David Wade

2024-05-23 09:28:29 UTC

Post by Graham J
[snip]

Please can I ask your advice?
I have a V2860 in my office and a FRITZ!Box 7530 AX at a nearby location
and would like to set up a VPN between the two. Both locations have
static public IPs.
The V2860 uses IPSec IKEv1 with a pre-shared key, and has the local and
remote IP address configured. I typically use this configuration to
communicate with other Vigor routers.
For this test I have Dial-in only configured, and "Alternative Subject
Name First", Security method Medium (AH), High(ESP DES, 3DES, AES all
checked.
The FRITZ!Box runs FRITZ!OS 7.80. I configured the option "Setting up
an IPSec VPN between two FRITZ!Box networks". So I provide the
pre-shared key and set up the relevant IP addresses, and have "Hold VPN
connection permanently".
<141>May 22 15:00:28 V2860n: Responding to Aggressive Mode from <Remote_IP>
<141>May 22 15:00:28 V2860n: Accept Phase1 proposals : ENCR
OAKLEY_AES_CBC, HASH OAKLEY_SHA
<141>May 22 15:00:31 V2860n: IKE ==>, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x4dd30efe
<141>May 22 15:00:31 V2860n: IKE <==, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x244ae727
<141>May 22 15:00:34 V2860n: IKE ==>, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x434a0c5a
<141>May 22 15:00:34 V2860n: IKE <==, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x473a2008
<141>May 22 15:00:36 V2860n: IKE ==>, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0x1e8f5eba
<141>May 22 15:00:36 V2860n: IKE <==, Next Payload=ISAKMP_NEXT_HASH,
Exchange Type = 0x5, Message ID = 0xf8611671
etc.
This sequence appears to repeat indefinitely, from which I conclude that
the FRITZ!Box is continually trying to gain access. The Vigor sees
this, sends an IKE message, then receives an IKE message. But nothing
more happens.

I don't think I can offer much help...

I have have a VPN as I have a house in Spain and so its useful to have a
VPN back through my UK setup. The Spanish setup is a pain as its CGNAT
and the router is direct into the Fibre.

In the UK I had Plusnet FTTC/VDSL with a 2862 and fixed IP.

After having some success with client VPNs to the Vigour I thought
Lan2Lan would be good, bought a TP-Link router which supports the same
VPN technology, took it to Spain but it would never connect.
As I am supposed to be enjoying myself when in Spain I didn't do much
debugging.

When I asked around no one seemed to have a solution, but as luck would
have it someone offered an older Vigour on Freecycle which I managed to
grab, took that to Spain and all worked well while I had VDSL.

When I moved to ZEN FTTP I initially routed all in-bound traffic from
their Fritz!box to the Draytek, the VPN continued to work but
performance was dire. Checking the specs for the routers showed why.

So I took the cowards way out, bought a second Fritz!box on E-Bay, took
it to Spain, replaced the Draytek and everything worked. I can even set
the VOIP up so I have a DECT that links back to router in the UK.

The fritz is lacking quite a bit of the functionality of the vigour, it
mostly suffices, and its not critical if it dies when i am not there...

Post by Graham J
Any ideas as to how I should get the VPN to work? TIA.

Perhaps ask on the Fritz support forums. They seem more helpful than Vigour.

Dave

Graham J

2024-05-23 11:09:05 UTC

David Wade wrote:

[snip]

Post by David Wade
I don't think I can offer much help...
I have have a VPN as I have a house in Spain and so its useful to have a
VPN back through my UK setup. The Spanish setup is a pain as its CGNAT
and the router is direct into the Fibre.
In the UK I had Plusnet FTTC/VDSL with a 2862 and fixed IP.
After having some success with client VPNs to the Vigor I thought
Lan2Lan would be good, bought a TP-Link router which supports the same
VPN technology, took it to Spain but it would never connect.
As I am supposed to be enjoying myself when in Spain I didn't do much
debugging.

I got a TP-LINK TD-W8960N to work with a Vigor router. The TP-Link was
very fussy about the number of characters in the pre-shared key and may
also have rejected symbols such as $ or #. But with management access
to it I was able to get it working.

Post by David Wade
When I moved to ZEN FTTP I initially routed all in-bound traffic from
their Fritz!box to the Draytek, the VPN continued to work but
performance was dire. Checking the specs for the routers showed why.

I use the VPN for management of the devices on the remote LAN, so
performance isn't an issue. It's been perfectly adequate since the
early days of ADSL at 1MBits/sec download speeds.

Post by David Wade
The fritz is lacking quite a bit of the functionality of the vigor, it
mostly suffices, and its not critical if it dies when i am not there...

In particular, the Fritz doesn't reliably respond to ping from the
internet. Many of my users are in remote locations with poor ADSL, no
VDSL, and no chance of FTTP, so having sensible performance monitoring
from the likes of <https://f8lure.mouselike.org/auth.asp> is essential.

Thanks anyway.

--
Graham J

Graham J

2024-05-30 21:25:27 UTC

David Wade wrote:

[snip]

Post by David Wade
Perhaps ask on the Fritz support forums. They seem more helpful than Vigour.

The only Fritz forum I can find is in German, but my German is limited
to ordering a beer ...

Do you know of an English forum?

--
Graham J

grinch

2024-05-31 08:04:02 UTC

Post by Graham J
[snip]

Post by David Wade
Perhaps ask on the Fritz support forums. They seem more helpful than Vigour.

The only Fritz forum I can find is in German, but my German is limited
to ordering a beer ...
Do you know of an English forum?

The latest version of Firefox ( 126.1) has a built in translate feature
not perfect but very usable.

Just tried it on the France meteo website, mostly worked but not on
images only text.

David Wade

2024-05-31 16:46:39 UTC

Post by Graham J
[snip]

Post by David Wade
Perhaps ask on the Fritz support forums. They seem more helpful than Vigour.

The only Fritz forum I can find is in German, but my German is limited
to ordering a beer ...
Do you know of an English forum?

I am sure there was an English Forum but when I check I find I sent my
queries in via the help desk. There is a detailed guide here:-

https://en.avm.de/service/vpn/connecting-the-fritzbox-with-a-companys-vpn-ipsec/

to which VPN options they support. If that doesn't help I would e-mail
the support desk. They are helpfull.

Dave

Graham J

2024-06-01 07:17:55 UTC