Zywall USG 200 possibly causing VPN clients to disconnect

I posted this to a forum on DSLReports, but am posting it here, too, in hopes of getting an answer:

A little background: I work from home and connect via VPN to my employer's network. Last Friday I had a Comcast business line installed in my house and moved over to it from my residential line. Prior to the move, I had no trouble with the VPN. Since the USG 200 is also new, it could be either the new line or the new firewall, but, after talking to Comcast tech support today, there seems to be nothing wrong with my line.

Everything I could find online so far that seemed related to this involved the Zywall being used as a VPN endpoint. The USG 200 here is not used as a VPN endpoint at this time - only as a firewall/router. I connect to my employer's network over an IPSEC VPN. I have a static IP, assigned to the WAN interface of the USG 200. Everything else seems to work; only my VPN connections to work have issues.

My connection looks like this:

VPN client -> USG 200 -> cable modem -> Internet -> Employer VPN

The VPN client config from my employer is set to use UDP, NAT-T and Dead Peer Detection.

I can connect to my employer's VPN without issue. After some amount of time (it varies between a few minutes and half an hour or so) I get disconnected. None of the other remote employees are having this problem and it didn't occur prior to the new line and new firewall. I've tried repeatedly today connecting from both Windows XP and Windows 7, using both Cisco's VPN client and the Shrew Soft client. Both get disconnected; sometimes at the same time, sometimes one will stay connected for a while longer than the other. Looking in the USG 200 log, I just see entries that say "[COOKIE] Invalid cookie, no sa found", but I'm not sure if those are related to the problem or if they just show that the connection dropped.

I'm not sure what other information would be useful. Has anyone else encountered this or have any idea what might be causing my VPN client to disconnect (and how to fix it)?
3 answers Last reply
More about zywall possibly causing clients disconnect
  1. did you get any responses or resultion on that issue, I got the same!
  2. It is no use having your Cisco VPN software installed, since you can access your company's headquarters directly from your ZyWALL USG-200. Yo have to configure VPN /L2TP directly on your Zyxel device. Since the machine at the endpoint is Cisco, as you suggested, you shouldn't have problems. I'm connecting from a regular SOHO router to a
    ZyWALL USG-200 at my company's headquarters (I'm using Fedora Linux) and I haven't any problem yet. I hope this solves your problem.
  3. rainerrabe said:
    did you get any responses or resultion on that issue, I got the same!


    I have the same setup as well...

    Employer VPN client -> USG 200 -> cable modem -> Internet -> Employer VPN

    Were you able to fix the issue?

    Kind regards,
Ask a new question

Read More

vpn Connection Networking