Teleport Won’t Connect To Internet
I’ve got a serious problem with my Teleport. I’m staying in a corporate apartment for the next couple of months (off and on) for a client engagement, they have AT&T UVerse. If I connect directly to the UVerse router with my devices, the connection is fine. The Teleport can connect to the UVerse router with no problems, but errors out at “Internet” and then crashes and reboots. At one point, the Teleport started asking my password again, so something clearly is not right.
The bigger problem is that on the occasional time I can click the “Support” button to generate the file, it crashes, or displays the file briefly, then crashes. This is all from iOS.
From Windows, I was able to obtain the support files, and am attaching them to this post. I’m going to be completely honest: My faith in this little device is waning as I seem to have nonstop problems with it when I travel. When it works, it’s great, but that seems to be not the usual as of late.
Hopefully this is an easy fix.
Went and bought a really long CAT5 cable to see if a wired connection will work, now it’s stuck on the “finalizing connection” page, and once again clicking on “Support” crashes the whole thing. Blue circle on the device is flashing, whole circle. I’m absolutely desperate over here for some help, can’t call support until tomorrow.
Tried to connect again from a Windows machine and was able to get the support files for the wired connection.
@Jayson-Knight thanks for the support files! We've seen a crash issue introduced by the 2.8.0rc1 beta, and we believe we fixed it in beta 2.8.0rc3. We'll take a look at your files as soon as possible.
@ubnt-gunars @UBNT-Gunars I’ve done some more troubleshooting this morning, and I think it’s a problem with the cloudflare dns servers, can you confirm this would cause a problem? Here’s what’s going on (and it’s a little complicated)
- I run 2 Windows DNS servers on my home network, which is an AT&T Fibre setup. I recently changed to cloudflare DNS (22.214.171.124, and 126.96.36.199). From my home network, 188.8.131.52 is blocked, so I use 184.108.40.206 as the primary DNS server b/c it’s not blocked. I’ve never had a problem getting to the internet via my Teleport
- My corporate apartment I’m renting, uses AT&T Uverse (not Fibre, but it’s an Arris router). The Teleport can connect fine to the local network, but fails on connecting to the internet. I atttempted to ping 220.127.116.11 and 18.104.22.168 from the Arris router itself, and 22.214.171.124 succeeds (which is odd, b/c it’s known that AT&T blocks this address), but pinging 126.96.36.199 fails. Bear in mind that 188.8.131.52 is my primary DNS forwarder, with 184.108.40.206 being the secondary.
So, could that be the problem? And if so, why doesn’t the teleport attempt to use the secondary DNS forwarder (in my case, 220.127.116.11)? Actually, it might do that, but since 18.104.22.168 is blocked from my home network via AT&T, that could cause the failure as well.
Unfortunately, I have no way to change the DNS forwarders until I’m back at my home office next week...but can you confirm that this is the issue?
Would a solution be to keep the 22.214.171.124/126.96.36.199 combo for Cloudflare, but also have OpenDNS servers set up as #3 and #4 forwarders? Will Teleport walk down the chain that far until it finds a DNS forwarding address that will actually connect? (assuming this is the problem to begin with)
Sidenote: Cloudflare’s DNS offering is incredible, but man they really screwed the pooch on picking the IP addresses. I understand the need for simplicity, but this is just crazy that at my home, 188.8.131.52 is blocked (but 184.108.40.206 is allowed), but at this apartment in Indianapolis, 220.127.116.11 is blocked (with 18.104.22.168 allowed). I’m pretty sure this is what’s screwing me up, but if you can confirm this is the problem, I’d be most grateful, and also let me know how far down the DNS forwarding chain will attempt to walk until it finds a DNS fowarder that actually works...if that’s the case, I’ll put OpenDNS in the #3 and #4 slots when I return home next week. Obviously I have no way to test this, so I need a bulletproof solution.
@jayson-knight hi Jayson! We looked at the first support file, and it's a subnet collision between the remote network and your home network. Solution is to change the subnet at home. We're discussing internally how to mitigate this, and how to warn the user when this is the case.
The second file shows some issue with the Ethernet connection, and Teleport didn't get an IP address. Not sure what's causing that, but Wi-Fi uplink looks fine.
- My “home” network is my Windows domain
- My “remote” network is the network here at the corporate apt rental I have in Indy
Changing the subnet at my home network isn’t an option (at least not that I can think of), this would require changing a ton of settings. But, I do have full unfettered access to the router here at the “remote” network, so I can change whatever I want. Please bear in mind I’m not a networking expert by any means (I’m a software engineer, so I know networking concepts really well). Are you able to see what I would need to change here at the remote network? The subnet for my home network is 192.168.1.0/24. I’m attaching a screenshot of the remote network configuration page, it looks like the same subnet as my home network?
And just to make sure I’m understanding you correctly, if the subnet masks are different between the two networks, that will cause an issue? If that’s the case, I’m surprised more people haven’t run into this problem. As for the teleport not getting an IP address, that’s very strange. I’m going to play around with that today and see if I can figure out why that’s the case. I’m not familiar w/ this router’s config settings at the remote network, but I’m sure I can figure it out. I can also test by plugging my laptop directly into the router and see if it can get an IP address, just seems very strange that the teleport wouldn’t get an IP address.
Thank you SO much for your help on this, hopefully we can get this figured out, and it sounds like your team will also be able to build in some better resiliency/notifications for users as well. You guys rock!
here’s the remote network config page, tell me what to change on it and I will.
I checked my iPad’s IP config, and it’s also using a 255.255.255.0 subnet mask. Am I misunderstanding what you meant by a “subnet clash”? Can you further explain exactly what the problem is? Thanks!
@ubnt-gunars Here’s a screenshot of the IP address allocation from my remote network’s router when the Teleport is hardwired in via ethernet, it’s getting an IP address. The teleport device has a full ring, flashing, and it doesn’t appear in the available networks to connect to via wifi.
@ubnt-gunars Last screenshot. I plugged my laptop into the same port w/ same cable on the router, and it was able to get an IP address successfully, and I can browse the internet just fine. Here’s a screenshot of the IP config from that laptop w/ the active ethernet adapter circled. This clearly isolates the Teleport as the problem. What else can we do? I’m still thinking it’s an issue w/ ATT blocking 22.214.171.124/126.96.36.199, but I won’t be able to test this until I’m back on my domain later this week. Any other thoughts you or your team have are greatly appreciated though, I have to have this working by August 7th. thanks for all the help so far though :-).
@Jayson-Knight looks like the remote network and the home network use the same subnet. You can either change the subnet at the remote location, or update to the latest beta firmware. Looking at this post https://community.amplifi.com/post/5705, both should work.
Are you able to see what I would need to change here at the remote network?
Jayson, just change the "DHCPv4 Start Address" to something like 192.168.2.1 and "DHCPv4 End Address" accordingly to 192.168.2.253. Make sure "Device IPv4 Address is also changed to something like 192.168.2.x and restart the ISP modem.
As you said, your home network uses 192.168.1.0/24 which is the same as remote network as denoted by "DHCPv4 Start Address" and Netmask. So the conflict is obvious, not only networks match, but also prefix (netmask) lengths match.
As we now know the most probable reason of your issue with Teleport, I would say ATT blocking of 188.8.131.52/184.108.40.206 is not relevant.
I really hope it helps!
@ubnt-andrey Well I’ll be damned, that’s the fix. Worked perfectly! This is obviously a huge bug, glad to see this will be fixed in the next release. @Derek-Saville don’t know if this is of any use to you.
Thanks guys, but please no more showstoppers like this
@jayson-knight no it isn’t a bug. You can’t have two networks with same subnet (in this case 192.168.1.x (the 255.255.255.0 just indicates a bitmask) interacting. The fact amplifi figured out how to mitigate is awesome. But definitely the root cause is not a bug - it’s just how tcp/ip works.