I posted this to a forum on DSLReports, but am posting it here, too, in hopes of getting an answer:
A little background: I work from home and connect via VPN to my employer's network. Last Friday I had a Comcast business line installed in my house and moved over to it from my residential line. Prior to the move, I had no trouble with the VPN. Since the USG 200 is also new, it could be either the new line or the new firewall, but, after talking to Comcast tech support today, there seems to be nothing wrong with my line.
Everything I could find online so far that seemed related to this involved the Zywall being used as a VPN endpoint. The USG 200 here is not used as a VPN endpoint at this time - only as a firewall/router. I connect to my employer's network over an IPSEC VPN. I have a static IP, assigned to the WAN interface of the USG 200. Everything else seems to work; only my VPN connections to work have issues.
The VPN client config from my employer is set to use UDP, NAT-T and Dead Peer Detection.
I can connect to my employer's VPN without issue. After some amount of time (it varies between a few minutes and half an hour or so) I get disconnected. None of the other remote employees are having this problem and it didn't occur prior to the new line and new firewall. I've tried repeatedly today connecting from both Windows XP and Windows 7, using both Cisco's VPN client and the Shrew Soft client. Both get disconnected; sometimes at the same time, sometimes one will stay connected for a while longer than the other. Looking in the USG 200 log, I just see entries that say "[COOKIE] Invalid cookie, no sa found", but I'm not sure if those are related to the problem or if they just show that the connection dropped.
I'm not sure what other information would be useful. Has anyone else encountered this or have any idea what might be causing my VPN client to disconnect (and how to fix it)?
It is no use having your Cisco VPN software installed, since you can access your company's headquarters directly from your ZyWALL USG-200. Yo have to configure VPN /L2TP directly on your Zyxel device. Since the machine at the endpoint is Cisco, as you suggested, you shouldn't have problems. I'm connecting from a regular SOHO router to a
ZyWALL USG-200 at my company's headquarters (I'm using Fedora Linux) and I haven't any problem yet. I hope this solves your problem.