Dealer having issues with remote programming connection, causes?

[turls]

Just within the last few weeks my dealer has had a very hard time getting into my system remotely. He says it won't connect or it times out. He says he is not having this issue with other customers.

I have a very fast internet connection, cable modem 50meg down/5-10 meg up.

I have both a 1000 and an 800.

I do not run torrents all day or anything like that that would be sucking bandwidth away.

Linksys router with DD-WRT firmware--very stable setup and I never have much trouble with internet access or speed.

He claims he doesn't know what to do and C4 has been no help.

Since I am in a remote area, this is a crippling issue for my system, are there any non-obvious things to try to help him?

Reboot router, what else could it possibly be on my end? Could I have defective C4 equipment?

I will say this is not the first issue with this dealer, but I don't know enough on how the proxy system at C4 works to tell him it is definitely on his end.

I connect fine with iOS devices using a VPN PPTP connection although I know it is not the same thing as trying to use Composer remotely.

[pstuart]

The system C4 uses has some major potential issues that your dealer and yourself can't control. Since they insist on routing the traffic through their servers and both parties have to connect to it, there is another party that neither your dealer or you can control.

Point to Point is the best way to remotely connect, plain and simple. The way their remote access works is that your main controller establishes an outbound VPN client connection to C4's server and the dealer then connects to that server as well. If either leg of the network path to C4 has issues (or if C4 doesn't have the bandwidth, capacity, etc.) there can be drop outs and disconnects.

I recommend that you give your dealer VPN access and cut out the proxy / OpenVPN solution that Control4 uses. Once the dealer has VPN access, they should be able to do the remote programming as if they were physically onsite and have full access to the controller(s).

[turls]

Of course, without a major redesign of my network (?) won't I be opening basically the whole network up to them? Not thrilled about that. Unless I setup a whole subnet dedicated to C4, right?

[TexasBill]

Of course, without a major redesign of my network (?) won't I be opening basically the whole network up to them? Not thrilled about that. Unless I setup a whole subnet dedicated to C4, right?

I have (in addition to the C4 capability) I have a Logmein that I give to my dealer as well - I authorize them to get in with a name and password and then change the name and password after they are done - I have had to use that a couple of times - additional benefit allows me to change some programming remotely if i am out of town and my wife complains about something.

Bill

[turls]

If bandwidth is the issue C4 should be ashamed. I would think if this was a widespread issue the dealers would be up in arms about it? What a time waster for something that in this day and age should be fairly trivial. I know it has some unnecessary hops but it is 2012 and I can see why they do it the way they do--and performance should not be noticably impacted if setup correctly and bandwidth sufficient!

[thegreatheed]

If bandwidth is the issue C4 should be ashamed. I would think if this was a widespread issue the dealers would be up in arms about it? What a time waster for something that in this day and age should be fairly trivial. I know it has some unnecessary hops but it is 2012 and I can see why they do it the way they do--and performance should not be noticably impacted if setup correctly and bandwidth sufficient!

The bandwidth idea sounds like hogwash. I've never heard that before nor have I heard anyone accuse C4 of that before. I've never had an issue accessing customer's systems through the c4 servers unless there was an actual outage, I think I remember 2 unplanned outages, couple hours each, in 7 years.

If he doesn't have this issue with other users, the problem probably isn't with your dealer or C4. I'm not trying to be confrontational or rude, just pointing out the obvious. If the problem only exists in one location, then look for the fix there. Off the top of my head, I would say to use a recommended router, they are recommended for a reason. There is a huge reliability and performance curve on SOHO or residential class routers.

[pstuart]

VPN access can open your network to them... But you can turn on or off access.

Would be no different than if they were in your home and plugged into the switch or on wifi.

Of course, you have proper authentication layers on your home network and shouldn't really worry if someone is on the network, they'd still need your login and password, right?

[turls]

Well, the "important" stuff I do but the media files, etc that I don't want to have issues with have to be fairly open for all these devices to be able to get to them. Opening up a VPN temporarily sounds like a decent option if it continues. I had some issues with my cable router that was replaced a few months back and just got back in and turned on full bridge mode, so hopefully that makes a difference. It did for me connecting through ComposerHE remotely. I had forgotten that I never was able to get in there and change that since it has been so many months with on and off with this dealer.

Of course after I did that he initially said he was still having issues. When I connected "fine" from ComposerHE from work which is on a different ISP than my home network. Is it fair to say if I was able to download my project remotely, that should be pretty intensive and is a good test of the robustness of the connection on my end?

As far as the router, DD-WRT Linksys is fine for anything I throw at it. The issue was likely with the stupid cable router, not my stuff.

The issue remains why can't C4 pinpoint the issue with the tunnel? They should be able to say they issue is with him, me, or something in-between. This black box crap has to be frustrating for dealers.

[thegreatheed]

Doing the bridge mode on the ISP router probably was the entire issue. The ISP routers are among the worst.

[turls]

I had to do a hard reset on the router to get it to reset to the default password, the original router I had that set correctly for bridging almost from the get-go. I couldn't even get in to turn off the wireless which I always do with my own routers. I just hadn't gotten around to calling in to figure out the issue because it wasn't bad enough to cause other issues.

[turls]

Ok, now when I try to connect with ComposerHE, I get a blank list of Directors to connect to. If I VPN in with PPTP, I can add the Director just fine but because of the proxy I can't just add the remote Director because I think C4 generates the IP.

Has anybody had any trouble with getting the Director list to populate when you connect with HE through C4's OpenVPN setup (the "default" setup).

I uninstalled twice, blew away the HE directory the 2nd time. No change. Just started being an issue in the last few days after it seemed to be working better for a while.

I don't know if my dealer is having the issue or not, he never was able to do much successfully remotely. According to C4, they wanted ports opened (not going to do that), and the MTU set to auto, which is bogus, because on DSL you can't use auto and are limited to 1492 typically. If it was a port issue I wouldn't think it would ever connect at all.

Still not happy with how C4 has this setup. I'm thinking most are just giving up and doing PPTP, but that is not a great solution in my situation.

[thegreatheed]

I don't know if my dealer is having the issue or not, he never was able to do much successfully remotely. According to C4, they wanted ports opened (not going to do that), and the MTU set to auto, which is bogus, because on DSL you can't use auto and are limited to 1492 typically. If it was a port issue I wouldn't think it would ever connect at all.

Still not happy with how C4 has this setup. I'm thinking most are just giving up and doing PPTP, but that is not a great solution in my situation.

That bolded portion is not correct. C4 does not support or recommend port forwarding for remote access. 4Sight, or remote Director connection has never needed port forwarding to work.

The openvpn Director IP address not populating is a known issue though. Sometimes it just doesn't populate itself. Your dealer has a page on their account @ my.control4.com to lookup that IP address, so they should never be unable to access the system. I checked a consumer account, I don't see anywhere there to view that address, so you couldn't get around this yourself.

When Composer Pro/HE are installed, they install a networking adapter to do the VPN connection. It's labeled a tap-win32 adapter. Make sure this is installed on your PC, and isn't disabled. You can try disabling it and enabling it, then authenticating in Composer to see if it brings up your address.

[turls]

I should have said that a little differently. My dealer said that C4 told me to do that. Giving benefit of the doubt, maybe it was just a troubleshooting step.

Thanks for the other info, they should add that information to the consumer information in my.control4.com. I'm guessing that address changes over time so it wouldn't do any good long term to just get it from my dealer...

I noticed the new adapter being installed, but I haven't touched it. I would think a reboot would have taken care of anything a disable/enable would do, but I will give it a try.

Didn't work. I guess its another OpenVPN fail...do you think there a chance it will "fix itself" over time?

On top of that a bogus entry I made with just my regular local IP when I had given up on the populate is stuck in the list and keeps coming back even after I delete it.

They have some work to do on HE...

[thegreatheed]

it still sounds like a local networking problem to me. try a router off the control4 recommended networking hardware list.

[pstuart]

Or an ISP issue. Some ISPs are blocking or traffic shaping VPN traffic unless you have a business class service.

Hard to switch ISPs, but a call to them might help track down if they are dropping the packets.

A good packet sniff during the session would show if / where the disconnects are occuring.

[turls]

The list populated today and I was able to get in. Once I'm past that hurdle I don't have issues most of the time, but even when I've had good luck my dealer has much less success on those same days. If I can remote in with a VPN session (PPTP) without issue, that also helps to rule out anything with my router, whether its on the recommended list or not (once you do DD-WRT, all bets are off anyway on whether hardware is on the list or not). So there is a lot more evidence the issue is with the dealer or Control4 than my local setup.

I have some good contacts at the ISP and they insist no funny stuff is going on with blocking or traffic shaping. Besides that I currently have 2 ISPs and in limited testing both act the same way for my dealer (he is having trouble a majority of the time). Again, once I get the list populated, a majority of the time it works for me.

One thing the ISP did admit is that they were having issues with this particular router, but just in the last week or so. It was dropping the assigned static IP and it wouldn't pick it back up, until a random time later. But that was taking my whole connection down intermittently. So basically unrelated, just made troubleshooting more difficult.

[turls]

Worked for weeks and now list won't populate again. Control4 needs to figure this out. I shouldn't have to resort to imperfect workarounds listed here.