Tunnel drops randomly
Florin
Newbie ✭
Good day,
We have a SOHO250 wireless-N connecting to a NSa 2650 with a Site to Site VPN using IKE. The SOHO is at the users end with a DHCP IP Address connecting to the 2650 on our end which has a static IP. The tunnel will connect just fine and pass the data and voice traffic but randomly the tunnel will go down and the only way to bring it back up is to power cycle the SOHO, turning the tunnel off and on at either end doesn't seem to work. None of the other SOHO or software VPN users we have connecting to us have reported issues, and this user was solid for months before this issue randomly started happening. We have tried replacing the SOHO with no luck.
When the VPN goes down the user still has an internet connection, and the only thing I can find in the log on the NS end is the following two messages:
Tunnel Down. policy 51(REDACTED), Dst 192.168.193.0 - 192.168.193.255, Src 192.168.37.0 - 192.168.37.255, GW IPREDACTED, inSpi 0x38b8733f, Reason: Remove IPSec SaNode.
and
Received packet retransmission. Drop duplicate packet <- this one shows up a bunch.
I've tried turning Keep Alive off, turning it on, turning the ignore fragment bit on and off and turning IKE Dead Peer on and off (all these on the SOHO end, not the NS end) and am at my wit's end. Anyone got any ideas of what I could look for?
Thank you.
Answers
Hi @Florin
This might be one for Sonicwall support to look deeper into - but i've seen these types of issues when keep alive is enabled on both sides. I saw in your post that you turned it on and off - can you check to make sure at least one side has it enabled and the other side has it disabled?
Hi @TonyA,
Keep Alive is only active on the users end. The option is actually greyed out on the 2650 end, presumably because the IPsec Primary Gateway Name or Address is set to 0.0.0.0.
Hi @Florin
Are there any other log entries after the tunnel goes down?
Hi @TonyA,
No, not until the tunnel comes back up, and then only the normal VPN connection messages.
@Florin
Could you check your logging level - if its not on inform, please put it on inform and next time it happens, please check the logs again.
If the logging level is inform and still there is no log events of the tunnel going down, please contact support as they will need to look deeper into this.