This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Avaya 9608G VPN/Phone dropping every 2-4 hours; sometimes randomly

Hello,

We have about 4 users who are currently working from home with Avaya 9608G IP phones. Since they started working from home, all 4 of them have been experiencing random phone resets throughout the day seemingly due to the VPN connection resetting with "VPN tunnel failure" appearing sometimes.

The phones are using the VPN configuration outlined by PL101 in this post: https://community.sophos.com/utm-firewall/f/vpn-site-to-site-and-remote-access/54496/ipsec-with-avaya-9600-vpn-phone#pi2353=1

We think the issue could be similar to the issue this user was having: https://community.sophos.com/utm-firewall/f/vpn-site-to-site-and-remote-access/91536/issue-with-avaya-9611-vpn-phone-and-ipsec-connection-dropping/350589#350589

Troubleshooting steps we have taken:

- Assign unique usernames and IKE ID's to each phone
- Increased the IPsec and IKE SA timeout settings from the default to 6 hours (Recently made this change; waiting to see if it worked)

Here is a log where VPNPHONE2 lost its connection. The logs point to SA renegotiating as the cause; but even so, why would SA expirations bring the phones down? Is there a way to solve this without increasing SA timeouts?



This thread was automatically locked due to age.
  • Hello,

    I guess its ipsec XAUTH, opensvan EVENT_SA_EXPIRE is phase 1 timeout (Sophos using opensvan in backend). For both phase 1 and phase 2, you can prolong time to like 24 hours, might solve your case (which you seem to try already)

  • Hi and welcome to the UTM Community!

    If you haven't solved the problem and still want help, please show pictures of the Edits of the IPsec Policy and the IPsec Remote Access rule.  Also, tell us if DPD is activated.  It's rare that enabling debug in the IPsec log is helpful.  Confirm that Debug is not enabled and then, instead of a picture, copy here about 60 lines ending with the disconnect.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA