A Mind Lost

Why is it that whenever we try to fix something, we always break at least one other? I setup a DMZ on my Netgear FVX538 Firewall at home to put my PS3 into so that I could reduce lag as much as possible by opening the NAT to it.  No problem, configured the PS3, configured the DMZ, activated it, checked that web and email incoming were still working. Great.

Errrr, yeah, except that I get to work this morning and the VPN from my desk via the work FVX538 to home isn’t working.  I suspect that the VPN requires some WAN-LAN rules setting up so that it knows that the VPN needs routing to the LAN, instead of the DMZ becoming the default.  I think I need to open UDP port 500 for the Internet Key Exchange (IKE) traffic and UDP port 1701 for L2TP traffic (not sure if I need that one).  Question is, what address do I forward them to?  The router itself?

Of course, I could configure this and test it from work, except that my VPN is working and remote access to the router isn’t working either, so it’ll have to wait until tonight.

All this just so I don’t suck quite as much at COD: MW2!

Update 29/04/10 09:52

Not so easy, it seems.  Setting up forwarding for the VPN ports gave me a connection which showed as connected at both ends but unable to route any traffic through at all.  Traceroute from either end only got as far the local firewall.  I have the inbound VPN ports forwarded to the firewall LAN address, maybe it has to be forwarded to somewhere else?  For now, I’ll have to undo the DMZ configuration to get my VPN working again for now and play with it some more when I have more time.

I’ve noticed a big spike today in traffic to my earlier post regarding a connection failure on the Playstation network.  The cause appears to be a large number of older-style PS3 consoles being shut off the network due to a calendar problem.  The problem is global and widespread it seems.  More details here.

A friend of mine had problems all through last week connecting to the Playstation Network with his PS3 even though he had had no problems since buying the console over a year ago.  Not having a PS3 myself I know very little about them, but, assuming is was a networking problem, I offered to have a look.  It turns out it is a common problem with numerous solutions which work for some and not others.

The problem presents itself by allowing your PS3 to connect to anything on the internet including browsing the Sony store and using the BBC iPlayer.  If you try to connect to the Playstation Network though in order to play online, it reports that it is taking too long and you should check your network connection.  If you do a network test it will report success for the IP address and internet tests and then a fail for the Playstation Network test.

To cure the problem there are a few things which have worked for one of more people:

1)  Give the PS3 a static IP address and put it into the DMZ on your router.

2)  Change the MTU setting in the PS3 network settings to 1492  (this appears to be the most common solution)

3)  Change the DNS settings to the OpenDNS servers (208.67.222.222 and 208.67.220.220)

4)  Some have reported that they cannot connect with a signal strength on their wireless connection of less than 70%

5)  The most extreme fix after people got no help from Sony, their router manufacturer or their ISP?  Buying a new PS3!

None of the above worked in this case, however.  But after an hour of searching I found a single report where someone had tried the MTU setting of 1492 and it didn’t cure their problem but they discovered that a value of 1400 did work and this is what worked in this case as well.

I don’t know why it worked but setting the MTU to 1400 on the pS3 did the trick.  I am curious as to why the Playstation Network connection is so fussy about it’s settings and what changed to make this fix necessary.

Update: 01/03/2010

I’ve noticed a big spike today in traffic to this post today.  The cause appears to be a large number of older-style PS3 consoles being shut off the network due to a calendar problem.  The problem is global and widespread it seems.  More details here.