IPSEC Lan to Lan VP issue

Associate
Joined
30 May 2004
Posts
669
Location
Uk
Hi

We are having an issue with an IPSEC Lan to Lan VPN between 2 sites. Site A has a Cisco 5508-x and Site B has a Draytek 3910

Users at Site B connect to a server in Site vis RDP and can connect fine. They are occasionally seeing the RDP connection drop for a few seconds and then reconnect. However when we check the status of the VPN, it is saying it is connected and hasn't dropped and rebuilt. I have reached out to Draytek and they are having issues finding what could be causing the problem as it happens sporadically. It can happen a couple of times a day and then it might not happen for a few days

Can anyone think of what could be causing the issue? I should say that Site B has a backup Draytek 2952 which works fine without issue but the bosses want to have the 3910 working and use that as the primary with the 2952 as a backup

Also, Site A is run by Rackspace and as they only keep logs for approx. 20 mins, they can't see what could be causing the issue as as far as they are concerned the config on both sides is correct

Cheers
 
Is the config identical on the two DrayTek routers? Are you 100% sure - have you checked everything? Things like lifetimes on phase 1 and phase 2, any keepalive options, if there's a far-end IP address that is being monitored etc.

When the RDP session is lost, does it affect everybody at site B at the same time? If it doesn't then it's not a VPN problem. Leave a ping running as well, see if that drops at the same time.
 
Is the config identical on the two DrayTek routers? Are you 100% sure - have you checked everything? Things like lifetimes on phase 1 and phase 2, any keepalive options, if there's a far-end IP address that is being monitored etc.

When the RDP session is lost, does it affect everybody at site B at the same time? If it doesn't then it's not a VPN problem. Leave a ping running as well, see if that drops at the same time.
Yes the config is the same as I could export the Lan to Lan config from the 2952 and import it into the 3910

When the RDP session is lost it affects all users on Site B so I am sure it is definitely on the Draytek side somewhere but I can't think what and as I say Draytek haven't been able to help much as it is so intermittent
 
Back
Top Bottom