1. Home
  2. Virtual Private Networks
  3. Help! VPN from FVS328 to FVS318 drops after a few hours

Help! VPN from FVS328 to FVS318 drops after a few hours

I have an FVS328 in our main office which I have just configured for Internet access and VPN links to FVS318s at our remote offices. The VPNs are working except that after a few hours they will stop passing data. Attempting to ping across the VPN will not bring them back up. I go into the VPN status on the FVS328 it says; Phase 1:M-ESTABLISHED/Phase 2:IDLE.

It seems that because phase 1 is established it considers the vpn as connected. If I click on the drop button then the line will reconnect as soon as it detects any data needed to pass over the vpn.

Any help welcome.

Thanks.

regards

Reply to
Chris Butler
Loading thread data ...

Hello,

I have 4 locations, each with a fvs328 router. 3 out 4 locations have

Static IP . The 4th has Sticky IP. This 4th location is unable to

maintain a solid tunnel with the other 3 locations. I have the 1st

protocol est but the 2nd is idle. When I force a ping through

nothing happens. I have to drop the connection and then force a ping

through and then it works. There is NO traffic at this 4th location

too cause the router to overload with data. We are still in the

setup phase before we open the location.

Any ideas on why this is dropping?

Reply to
Jeff K

I have much the same issue at a remote office with an FVL328, firmware version 2.0_07, connected via VPN to a Stonesoft cluster in the HQ location. The VPN will stay up for a week or two and then for no apparent reason just quit passing traffic. I can get to the external management interface and login to the router fine. The router can reach and resolve anything as long as it does not have to be tunneled through the VPN. I have tried dropping and re-establishing the VPN on the Netgear side and also doing a warm boot. Neither of these options worked. A cold 60 second reset by the folks at the remote site is all that will clear the problem.

I spoke with Netgear support who advised me that I had to talk to their VPN team and that was a chargeable call. The router is only 60 days old and has the latest firmware available as of last weekend.

Therefore the lesson learned -- Buy an enterprise class product if you need that kind of system uptime. The Netgear is going to my five year old for a science project or something...........

--Gus

Jeff K wrote:

Reply to
Gus

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.