Our remote users connect to our BorderManager v3.8.1 server using the C2S BorderManager Client in Backward Compatability mode. These remote user are all using D-Link DSL-504 ADSL Routers. Once they VPN in, the remote user connects to internal services such as Citrix and Webservers.

We have configured on the D-Link routers routers Advanced Filtering and only allow In and Out 353-TCP, 353-UDP and 2010-UDP. Up until a few days ago this worked fine. We do not have any personal firewall software installed at the remote users workstation.

We have started upgrading the firmware on these D-Link Routers and now have the following issues. The remote users can still VPN Login and ping all Internal hosts but when trying to connect to the Internal Citrix or Webservers it just time outs. If I change the Advanced filters on the D-Links to allow all ports and protocols and then not only can users VPN Login but now they can access all Internal services.

So it seems I have something filtered out ...

I have run an Ethereal trace when it works and when it fails and it just seems to stop for example when trying to contact an Internal Webserver.

Anyone have any ideas on troubleshooting this? I have tried D-Link support to no avail. They say if I can ping Internal hosts then all is fine.

If you have ideas let me know ASAP. I am very lost with what to do now.

Dale Bentley