Site to Site IpSec VPN disconnected over ADSL

Dear All, we have an ADSL connection in our Egypt office, i can cretae Site to site VPN using IpSec and it is getting conencted initial time. Then the connection is not stable and at the end it is not getting conencted back.

When i Check with the sophos support, they advised it is an issue of ISP since the 500and 4500 ports anot communicating properly.

And from ISP, they said there is issue with the VPN conenctivity from ADSL line. 

 

have you ever face such issues, is ther a eay to solve this issue?

  • Could you take a look at your strongswan.log at the time stamp of the drop and see if there are  any rekeys or other such behaviour.

    Does the whole tunnel collapse or just the SA's dropping?

    If you stop and start the tunnel after a drop - does it come back up or take time before you can re-establish?

    You could also set up a constant (-t) ping to your external ip to see if the sites unreachable at these times.

    Let us all know.

  • In reply to James GLUK:

    Actually whenever we configure the site to site it is getting connected later on it is disconnected automatically.  

    Then if create a tunnel for a new site,  one time it gets connected then in few hours it is getting disconnected and never getting connected.

    Will it be an issue of ADSL line in egypt.  Because we have a vague idea like this from the ISP.

    What all the logs can be taken to get the exact idea.  Which can be shared with the isp to prove the issue is from ISP