MUVPN with IPSec Random Disconnects

We have recently been having random disconnects with users using the MUVPN client over IPsec. Looking at the logs these seem to coincide with dead peer protection errors.

We currently have discussions in the team if DpD should be used and using IKE keep Alive instead?

Are there any white papers available on what the best practices for the what the phase 1 & 2 settings should be?

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Tomcat31
    Dead Peer Detection is (basically) the client and firewall sending pings to each other to see if they're still there. If you're suddenly running into issues due to DPD (meaning the firewall and/or client thinks they've lost connection) I'd suggest starting at the connection. Especially if no setting changes have been made on the firewall related to the VPN.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.