Zywall USG 200 possibly causing VPN clients to disconnect
Last response: in Networking
I posted this to a forum on DSLReports, but am posting it here, too, in hopes of getting an answer:
A little background: I work from home and connect via VPN to my employer's network. Last Friday I had a Comcast business line installed in my house and moved over to it from my residential line. Prior to the move, I had no trouble with the VPN. Since the USG 200 is also new, it could be either the new line or the new firewall, but, after talking to Comcast tech support today, there seems to be nothing wrong with my line.
Everything I could find online so far that seemed related to this involved the Zywall being used as a VPN endpoint. The USG 200 here is not used as a VPN endpoint at this time - only as a firewall/router. I connect to my employer's network over an IPSEC VPN. I have a static IP, assigned to the WAN interface of the USG 200. Everything else seems to work; only my VPN connections to work have issues.
My connection looks like this:
VPN client -> USG 200 -> cable modem -> Internet -> Employer VPN
The VPN client config from my employer is set to use UDP, NAT-T and Dead Peer Detection.
I can connect to my employer's VPN without issue. After some amount of time (it varies between a few minutes and half an hour or so) I get disconnected. None of the other remote employees are having this problem and it didn't occur prior to the new line and new firewall. I've tried repeatedly today connecting from both Windows XP and Windows 7, using both Cisco's VPN client and the Shrew Soft client. Both get disconnected; sometimes at the same time, sometimes one will stay connected for a while longer than the other. Looking in the USG 200 log, I just see entries that say "[COOKIE] Invalid cookie, no sa found", but I'm not sure if those are related to the problem or if they just show that the connection dropped.
I'm not sure what other information would be useful. Has anyone else encountered this or have any idea what might be causing my VPN client to disconnect (and how to fix it)?
A little background: I work from home and connect via VPN to my employer's network. Last Friday I had a Comcast business line installed in my house and moved over to it from my residential line. Prior to the move, I had no trouble with the VPN. Since the USG 200 is also new, it could be either the new line or the new firewall, but, after talking to Comcast tech support today, there seems to be nothing wrong with my line.
Everything I could find online so far that seemed related to this involved the Zywall being used as a VPN endpoint. The USG 200 here is not used as a VPN endpoint at this time - only as a firewall/router. I connect to my employer's network over an IPSEC VPN. I have a static IP, assigned to the WAN interface of the USG 200. Everything else seems to work; only my VPN connections to work have issues.
My connection looks like this:
VPN client -> USG 200 -> cable modem -> Internet -> Employer VPN
The VPN client config from my employer is set to use UDP, NAT-T and Dead Peer Detection.
I can connect to my employer's VPN without issue. After some amount of time (it varies between a few minutes and half an hour or so) I get disconnected. None of the other remote employees are having this problem and it didn't occur prior to the new line and new firewall. I've tried repeatedly today connecting from both Windows XP and Windows 7, using both Cisco's VPN client and the Shrew Soft client. Both get disconnected; sometimes at the same time, sometimes one will stay connected for a while longer than the other. Looking in the USG 200 log, I just see entries that say "[COOKIE] Invalid cookie, no sa found", but I'm not sure if those are related to the problem or if they just show that the connection dropped.
I'm not sure what other information would be useful. Has anyone else encountered this or have any idea what might be causing my VPN client to disconnect (and how to fix it)?
It is no use having your Cisco VPN software installed, since you can access your company's headquarters directly from your ZyWALL USG-200. Yo have to configure VPN /L2TP directly on your Zyxel device. Since the machine at the endpoint is Cisco, as you suggested, you shouldn't have problems. I'm connecting from a regular SOHO router to a
ZyWALL USG-200 at my company's headquarters (I'm using Fedora Linux) and I haven't any problem yet. I hope this solves your problem.
ZyWALL USG-200 at my company's headquarters (I'm using Fedora Linux) and I haven't any problem yet. I hope this solves your problem.
Related ressources:
- ForumFrom 1 to 5 public IPs, what do I do now?
- ForumVPN between 3 zywalls
- ForumTS Clients disconnect sporadically??
- ForumVPN Network connecting thru internet
- ForumHardware Firewall Recommendation
- ForumFirewall (cheap) that supports PPTP inbound to firewall
- Forumvideo link from hotel to home
- ForumContivity VPN Client and home network
- ForumCountdown to Windows Vista: The THG Rundown
- ForumWhich Firewall?
- ForumFirewall comparisons
- ForumCan.t keep VPN from auto connecting
- ForumVPN connection seems to work. Now what?
- ForumWireless Ethernet Bridging at 200 Kilometers
- ForumToshiba Satellite A 200 Random Shutdown
- ForumVPN routing from NAT to NAT
- ForumComplex VPN Dropping Issue....Need help...
- ForumVPN Logs off internet connection using MN700
- ForumPulling DHCP from Cable Modem instead of wireless router
- Forum[Solved] VPN Router?
- More resources
Read discussions in other Networking categories
!
