Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


IPSEC VPN Dropping Packets

Just installed two new TZ270's. Had an IPSEC VPN Site to Site running for about 2 years with no issues.

Now all of a sudden im getting dropped packets over the VPN only. The internet traffic is fine and no drops. Losing about 5% of the data which is slowing and freezing applications.

I can post specific settings without the public info here, but if anyone has had this happen to them or knows of a good place to look for the issue, please help! =) Thanks.

Category: Entry Level Firewalls


  • Options
    MitatOngeMitatOnge All-Knowing Sage ✭✭✭✭

    Hi @MikeL2021 ,

    Did you check Packet Monitor or WireShark? Packet monitor gives drope code. Please share here.

  • Options
    MikeL2021MikeL2021 Newbie ✭

    Here is a link to the Wireshark Capture. Its 60MB, so I put it on a Google drive for download. Its also zipped.

    Thanks for any help!!

  • Options
    MitatOngeMitatOnge All-Knowing Sage ✭✭✭✭

    Hi @MikeL2021

    I quickly reviewed pcap file and i found a lots of "Previous segment(s) not captured (common at capture start)" errors.

    1) please check two sites local cable infrastructures. there is cable based crc and packet lost problems.

    2) check wan ISP provider based overload saturation on vpn. Call ISP provider and they should check on their PRTG or CACTI systems.

    3) check LAN switch via CLI ( pc port crc etc.. details)

    4) check packet lost On the sonicwall interface menu for wan interfaces

    5) try ping to each side to side.

    6) Disable AV/EDR/XDR/DLP like programs on the pc's

  • Options
    MikeL2021MikeL2021 Newbie ✭
    edited January 2022

    Thank you for looking at this. Let me start by clarifying that these sites haven't had any cabling changes in the past year. The VPN under two TZ200 Sonicwalls worked flawlessly for over 5 years. We only just upgraded these firewalls because this issue started a few weeks ago and moved both sites to brand new TZ270's. Again, the ONLY packet loss occurs on the VPN IPsec traffic and NOT on normal internet routing, therefore the cabling is less likely of an issue given all of that.

    I spoke to Xfinity at legnth about the issue. They replaced their modem, checked and re-termianted the cables.

    The switches connected are unmanaged and dont have command line access. They have all been replaced in the past two years.

    #4 on your list is pretty obvious, I dont need the sonicwall to tell me im getting packet loss, your #5 run in a constant cycle both out to the internet and accross the VPN tell me that is exactly whats happening.

    The #6 is actually irrelevant as we test all connections on clean laptops not production machines.

    Im more interested in the error you mention about "previous segment not captured" and would ask you to expand on this if you can with what it is and how it happens. If there is a known work around or fix.

    Untimately I still believe this is an undocumented Sonicwall bug like the one that happened on the 20th and after my discussion with the ISP it sure sounds like Sonicwall has some big problems right now with their OS.

  • Options
    CMacCMac Newbie ✭


    The firmware in the Gen7 TZ270 is pretty buggy in my experience prior to 7.0.1-5030-R2007. 

    Also, the configs have not always been stable upgrading from old versions of Gen7 SonicOS to the current version

    so I make sure I have documented the config and factory reset it only after upgrading the firmware.  From that point

    with a clean config manually entered I have MUCH better luck.  This is contrary to Level 1 Tech Support, but

    lines up with Level 2+ staff opinions.

    I had a similar issue several weeks ago with another TZ270 that had been running fine for months and then with no changes to the FW, packet loss started happening. Nothing I did would affect it. We changed the ISP connection and tweaked the config, disabled services, nothing... Upgraded the FW to the R2007, factory reset it and reconfigured manually.

    Not a single issue since then (until the 1/20/2022 snafu cause by the Sonicwall cloud signature services.).

    At the time this happend none of our other TZ270/TZ270W units were affected unlike the 1/20/2022 issue but also this was the oldest firmware on the various TZ270 units.

    Upgrading alone to a version prior to R2007 seems to carry forward problems and did not resolve the issues.

Sign In or Register to comment.