Hello,
I have been having issues with internet connections at two different locations since last Friday. Each location is serviced with a cable modem (dynamic IP) and an RB3011 router. I noticed some strange behavior Friday and when I logged in to the routers, I found they had been accessed and firewall rules were changed, new users were added, and scripts were installed. I removed everything I could find and changed the passwords on both. I then reset both to factory reset, updated Router OS to the newest release, and changed the passwords before restoring from an old configuration backup.
Both routers worked briefly, then began dropping connection every 10-20 minutes. I first thought it was a DNS issue, but was unable to ping any IPs, such as Google. I checked the router logs and found nothing. The DHCP lease from the ISP still has hours remaining.
The ISP has checked the modems and said everything is fine on their end. They did make a comment that they could see two devices receiving DHCP addresses from the modem at once point, but I was unable to find anything or confirm this. To recover from whatever is happening, a simple release/renew from the router's DHCP client gets everything back up and running again for a short time.
I don't see anything obvious in the router settings and don't know what I'm missing. I have reset the configurations in both routers and restored to a working backup, but have had no luck. This is really starting to cause major problems... Any ideas?
Thanks!
I have been having issues with internet connections at two different locations since last Friday. Each location is serviced with a cable modem (dynamic IP) and an RB3011 router. I noticed some strange behavior Friday and when I logged in to the routers, I found they had been accessed and firewall rules were changed, new users were added, and scripts were installed. I removed everything I could find and changed the passwords on both. I then reset both to factory reset, updated Router OS to the newest release, and changed the passwords before restoring from an old configuration backup.
Both routers worked briefly, then began dropping connection every 10-20 minutes. I first thought it was a DNS issue, but was unable to ping any IPs, such as Google. I checked the router logs and found nothing. The DHCP lease from the ISP still has hours remaining.
The ISP has checked the modems and said everything is fine on their end. They did make a comment that they could see two devices receiving DHCP addresses from the modem at once point, but I was unable to find anything or confirm this. To recover from whatever is happening, a simple release/renew from the router's DHCP client gets everything back up and running again for a short time.
I don't see anything obvious in the router settings and don't know what I'm missing. I have reset the configurations in both routers and restored to a working backup, but have had no luck. This is really starting to cause major problems... Any ideas?
Thanks!
.
