Help! VPN from FVS328 to FVS318 drops after a few hours

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

I have an FVS328 in our main office which I have just configured for
Internet access and VPN links to FVS318s at our remote offices.
The VPNs are working except that after a few hours they will stop
passing data. Attempting to ping across the VPN will not bring them back
up. I go into the VPN status on the FVS328 it says;
Phase 1:M-ESTABLISHED/Phase 2:IDLE.

It seems that because phase 1 is established it considers the vpn as
connected. If I click on the drop button then the line will reconnect as
soon as it detects any data needed to pass over the vpn.

Any help welcome.

Thanks.


regards
--
Chris Butler

Please note that because of SPAM problems all emails to this address will be
rejected.

Sorry

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

Chris,
We have exactly the same setup in our office (FVS328 in the central
office, 318's in remote ones). We believe that we have narrowed down
on the issue that the router simply can't take the traffic and number
of users we throw at it (7 to 8 PC's in the main office, 768k
symetrical DSL link). The only thing that we've found to fix it is to
simply hard reboot the router (a soft reboot via the interface doesn't
usually clean up whatever's causing it to lock up).

Our support experience with NetGear has been miserable (i.e. useless
and big time waster). They've had a beta firmware upgrade out for many
months now that doesn't seem to improve any of our issues - nor has
the beta upgrade been recently revised.

After many $1000 of my own own time wasted on troubleshooting our
office problems with the NetGear routers - I've finally come to
conclusion that we need to pony up the money and purchase an enterprise
rated VPN router. The ones we're looking most closely at for both
functionality, support of VOIP, easy of administration, speed and
reliability are from Netscreen (Juniper) and SonicWall. My 2 cents is
to cut your loses shortly - use those VPN routers at home (which is
probably about the only environment they're relatively stable in) and
get some VPN routers that you can configure once and forget about and
not have to worry about for months at a time.

regards,
Sascha


Chris Butler wrote:
> I have an FVS328 in our main office which I have just configured for
> Internet access and VPN links to FVS318s at our remote offices.
> The VPNs are working except that after a few hours they will stop
> passing data. Attempting to ping across the VPN will not bring them
back
> up. I go into the VPN status on the FVS328 it says;
> Phase 1:M-ESTABLISHED/Phase 2:IDLE.
>
> It seems that because phase 1 is established it considers the vpn as
> connected. If I click on the drop button then the line will reconnect
as
> soon as it detects any data needed to pass over the vpn.
>
> Any help welcome.
>
> Thanks.
>
>
> regards
> --
> Chris Butler
>
> Please note that because of SPAM problems all emails to this address
will be
> rejected.
>
> Sorry

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

Hello,

I have 4 locations, each with a fvs328 router. 3 out 4 locations have
Static IP . The 4th has Sticky IP. This 4th location is unable to
maintain a solid tunnel with the other 3 locations. I have the 1st
protocol est but the 2nd is idle. When I force a ping through
nothing happens. I have to drop the connection and then force a ping
through and then it works. There is NO traffic at this 4th location
too cause the router to overload with data. We are still in the
setup phase before we open the location.

Any ideas on why this is dropping?

 

[gus]

Archived from groups: comp.dcom.vpn (More info?)

I have much the same issue at a remote office with an FVL328, firmware
version 2.0_07, connected via VPN to a Stonesoft cluster in the HQ
location. The VPN will stay up for a week or two and then for no
apparent reason just quit passing traffic. I can get to the external
management interface and login to the router fine. The router can reach
and resolve anything as long as it does not have to be tunneled through
the VPN. I have tried dropping and re-establishing the VPN on the
Netgear side and also doing a warm boot. Neither of these options
worked. A cold 60 second reset by the folks at the remote site is all
that will clear the problem.

I spoke with Netgear support who advised me that I had to talk to their
VPN team and that was a chargeable call. The router is only 60 days old
and has the latest firmware available as of last weekend.

Therefore the lesson learned -- Buy an enterprise class product if you
need that kind of system uptime. The Netgear is going to my five year
old for a science project or something...........

--Gus

Jeff K wrote:
> Hello,
>
> I have 4 locations, each with a fvs328 router. 3 out 4 locations have
> Static IP . The 4th has Sticky IP. This 4th location is unable to
> maintain a solid tunnel with the other 3 locations. I have the 1st
> protocol est but the 2nd is idle. When I force a ping through
> nothing happens. I have to drop the connection and then force a ping
> through and then it works. There is NO traffic at this 4th location
> too cause the router to overload with data. We are still in the
> setup phase before we open the location.
>
> Any ideas on why this is dropping?