Has anyone experienced issues with RA VPN clients (Check Point Endpoint Security) successfully connecting and then suddenly the connection is dropped and reconnecting starts after 15 seconds? After reconnecting the RA VPN session, the same problem repeats over and over again.
I have a 5600 cluster with Gaia R80.40 and I have found the following in my SmartConsole logs:
tunnel_test (UDP/18234) tunnel_test Traffic dropped from 172.16.10.7 to <cluster_public_IP>
where 172.16.10.7 is an IP address assigned to a VPN client from my Office Pool
I have tried tcpdump on my gateway and found that the following 5 packets are received on the gateway before the connection is dropped:
11:41:15.294804 IP <router-address>.61852 > <cluster-address>.ipsec-nat-t: UDP-encap: ESP(spi=0x5c067c2e,seq=0x3), length 76
11:41:17.753991 IP <router-address>.61852 > <cluster-address>.ipsec-nat-t: UDP-encap: ESP(spi=0x5c067c2e,seq=0x4), length 76
11:41:20.559832 IP <router-address>.61852 > <cluster-address>.ipsec-nat-t: UDP-encap: ESP(spi=0x5c067c2e,seq=0x5), length 76
11:41:23.168907 IP <router-address>.61852 > <cluster-address>.ipsec-nat-t: UDP-encap: ESP(spi=0x5c067c2e,seq=0x6), length 76
11:41:25.609312 IP <router-address>.61852 > <cluster-address>.ipsec-nat-t: UDP-encap: ESP(spi=0x5c067c2e,seq=0x7), length 76
11:41:27.640155 IP <router-address>.61852 > <cluster-address>.ipsec-nat-t: UDP-encap: ESP(spi=0x5c067c2e,seq=0x8), length 76
where my endpoint client is NATed behind the router's public IP. I believe my 5600 gateway is not responding to UDP tunnel keepalive traffic, so it gets disconnected after 15 seconds. I am not sure where to look for such an option. I already enabled NAT-T traversal, but it did not make any change.
Does someone have any suggestions on what I should check?
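
An added example, not part of the original post: a short Python check of a tcpdump capture in the format shown above that counts NAT-T ESP packets in each direction and reports whether the gateway ever sent one back. The sample lines, addresses, SPI values and function names are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample in the tcpdump format from the post; addresses are
# documentation-range placeholders, not values from the original capture.
SAMPLE = "".join(
    f"10:00:{s} IP 192.0.2.10.61852 > 198.51.100.1.ipsec-nat-t: "
    f"UDP-encap: ESP(spi=0x11111111,seq={hex(i)}), length 76\n"
    for i, s in enumerate(
        ["00.000000", "02.500000", "05.000000",
         "07.500000", "10.000000", "12.500000"], start=3)
)

# time, src addr.port, dst addr.port, SPI, sequence number
LINE_RE = re.compile(
    r"^(\d\d:\d\d:\d\d\.\d+) IP (\S+)\.(\S+) > (\S+)\.(\S+): "
    r"UDP-encap: ESP\(spi=(0x[0-9a-f]+),seq=(0x[0-9a-f]+)\)"
)

def parse(text):
    """Return (time, src, dst, spi, seq) for each UDP-encapsulated ESP line."""
    pkts = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore anything that is not NAT-T ESP output
        ts, src, _sport, dst, _dport, spi, seq = m.groups()
        pkts.append((datetime.strptime(ts, "%H:%M:%S.%f"),
                     src, dst, spi, int(seq, 16)))
    return pkts

def summarize(pkts, gateway):
    """Count ESP packets per direction relative to the gateway address."""
    to_gw = [p for p in pkts if p[2] == gateway]
    from_gw = [p for p in pkts if p[1] == gateway]
    gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(to_gw, to_gw[1:])]
    return {
        "to_gateway": len(to_gw),
        "from_gateway": len(from_gw),
        # True when the client keeps sending but nothing comes back
        "one_way": bool(to_gw) and not from_gw,
        "max_gap_s": round(max(gaps), 3) if gaps else None,
    }

if __name__ == "__main__":
    print(summarize(parse(SAMPLE), "198.51.100.1"))
```

A capture taken with a filter that matches only one direction will also report `one_way`, so confirm the tcpdump filter covered traffic both to and from the gateway address before drawing a conclusion.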