Cisco VPN Client randomly disconnecting from remote peer.

I have a client that uses the Cisco VPN Client to connect from his home PC (WinXPPro) to his office network.  The client is terminating to a Cisco 851W router.  We're using IPSEC.  The home PC is connecting through a Linksys/Cisco WRV200 router.  IPSEC passthrough is enabled.

Both the home internet connection and the office internet connection seem otherwise stable, so we don't really suspect that either side is knocking the connection down due to bouncing.

From the home PC, I'm able to successfully connect the VPN client to the main office, and browse network shares, connect to Exchange, etc.  The client remains connected for anywhere from 5 minutes to 25 minutes, at which point the connection becomes unresponsive and an error pops up:  "Secure VPN Connection terminated locally by the Client.  Reason 412:  The remote peer is no longer responding."

I can't be entirely sure, but it seems as though the connection drops whenever I put a strain on it (downloading a large file from the office file server, opening a large folder in Outlook, etc).

Also, I'm noticing in the Connection Statistics a lot of packets being bypassed.  I'm not sure if this is normal or not.  We don't seem to be dropping any packets, and there are a lot being encrypted/decrypted.

And finally, something that I feel might have something to do with it.  A few days ago, we were forced to factory default the Linksys router at the home, due to a lost password.  The config was pretty simple to replicate (including IPSEC passthrough), but it just seems a bit coincidental that this problem cropped up immediately after resetting the router.

Any help would be appreciated.  Thanks!
aptnetworks Asked:
 
aptnetworks Author Commented:
Looks like it was a bad router.  I replaced it this morning, and with minimal configuration, the VPN is working perfectly through the new router.

It looks like the old router was definitely causing severe packet fragmentation and bypassing.

From doing a bit of reading, the WRV200 is notorious for causing problems with Cisco VPN connectivity.  Probably why it's EOL now.
0
 
aptnetworks Author Commented:
After some further testing, it really does seem that the packet bypassing might be related.  I've attempted several times to download a 176 MB file from the remote file server via the VPN connection, and each time, the download progresses to 40-60% and then fails.  Notably, in the VPN connection statistics, the sent and received bytes seem to stall, and the bypassed packets start to increment.
0
 
mikecr Commented:
I had this problem one time before using the WRV200. Did you upgrade the firmware? Also, use DRTCP to change the MTU size on the client machine's connection that is being used to initiate the VPN to 1300 and see if you still get the same result.
0
 
aptnetworks Author Commented:
I'll give that a shot.  In the past we've also used an MTU setting of 1492 as well.

The router has the latest firmware available.  We're also going to try connecting the PC directly to the cable modem to confirm that the router is the culprit.
0
 
aptnetworks Author Commented:
Figured it out myself.
0