Re: After the VPN client dials in for a period of ...

Wang · ‎2020-03-01

Hi，Engineers, I'd like to ask you a question

After the VPN client dials in for a period of time, the connection is often interrupted about two hours later.What caused the connection to fail

PhoneBoy · ‎2020-03-01

Please describe in detail what you mean by "interruption."
I'm guessing this is when the client is asking for reauthentication from the end user, which it periodically does.

Wang · ‎2020-03-01

After using the VPN client to dial in for two hours, the client cannot dial in the VPN, so it can only dial in the VPN client by manually re-entering the password

_Val_ · ‎2020-03-01

If your VPN goes down every two (or several, depending on IKE time-outs) hours, check that you can still reach CRL distribution point when VPN is up.

The classic case is:

1. VPN is down. IKE is established with certificates based auth. CLR is available, tunnel goes up.

2. Once keys are expired, GWs try to re-negotiate. Auth fails because CRL is no longer available. Tunnel goes down.

3. GWs retry IKE, once tunnel is down, CRL becomes reachable again, tunnel goes up.

Wang · ‎2020-03-01

Sorry, I don't quite understand

LucasCosta · ‎2020-03-02

What is the timeout configured in the global properties ?

Wang · ‎2020-03-04

微信图片_20200304232201.png It is the same as the screenshot you sent

Are there any other screening methods?

Are you a member of CheckMates?

After the VPN client dials in for a period of time, the interruption occurs automatically