Hello everyone!
We encountered a problem when connecting Endpoint clients via Remote Access.
Successfully connected clients disconnect after some time, and in SmartConsole we see tunnel_test drop logs. The problem occurs only with some VPN clients when working with files. After the drop, a reconnection occurs, which lasts for several minutes; several automatic reconnection attempts may be required to successfully connect again.
The environment in which the problem occurs is VSX and R81.10. NAT-T is enabled.
We tried to debug VPN-related processes and found that iked debug did not start, giving the message: 'iked' is currently disabled.
The vpn iked status command also shows the result:
vpn: 'iked' is disabled.
vpn: The 'iked' process is currently not running.
The documentation related to iked debugging says that iked can be disabled when using legacy mode. But we did not disable iked manually. The upgrade to R81.10 was over a year ago, but tunnel_test issues appeared later.
Does anyone know a solution to this problem? Can we simply enable iked with vpn iked enable?
The documentation says that this modifies the $FWDIR/boot/modules/fwkern.conf file and may break the SSH session. Will enabling iked in this way have a negative impact on the system and current VPN connections?
I would appreciate any help!