At our main office we have a 3MEIA internet service connected to an Astaro UTM. At our remote site we have a PIX 506E firewall that uses AT&T U-Verse internet. We have an IPsec VPN tunnel between the two sites using 3-DES encryption that has been working fine for a couple of weeks. Recently we noticed we are unable to direct more than one outside IP address from our U-Verse service to the PIX firewall to run different websites on. This was due to the fact that the 2-Wire modem will not allow any MAC address to have more than one IP address.
Long story short, we called AT&T and they told us we had to "trick" our 2-Wire modem into thinking there are multiple devices connected to it by setting up virtual MAC addresses. We utilized a Cisco 2801 router to use these IP addresses as standby routes and we made up MAC addresses for all of the standby IP addresses in the IP range we were allotted. Now we are able to make use of all the IP addresses we paid for just by opening a port on the PIX with the corresponding IP address.
Recently we have been noticing our VPN connection has been "flaky", as in there are short intervals in which the VPN is down. I'm not sure if this would have anything to do with the router we now have in between the 2-Wire and the PIX, but it is causing issues because we send large amounts of data over the tunnel constantly and when it's down, everyone notices it.
I have attached the IPsec log from our Astaro. Does anything look out of the ordinary that would be causing our intermediate VPN bottlenecks?