Good morning,
I have some clients running firmware R10-9-5-E that have VPN client disconnect issues that I can't figure out. The VPN client is Shrew Soft version 2.2.2 and 2.1.7 running on both Windows 7 and Windows 8.1 computers. The VPN tunnel will come up as expected and the connection is established. I can RDP into a file sharing PC with no issues and perform updates, use the browser to download files, uninstall software from the Control Panel, etc. The issue is when I copy over a file to the remote PC. In this case as a test I wanted to copy/paste the router firmware file which is 10 to 15MB in size. Once the paste reaches between 60 and 80% the VPN disconnects and my RDP session is obviously terminated. If I enter the VPN password in the Shrew client, it will reconnect and the RDP session reconnects right away, but the file transfer is obviously halted. I can reproduce this effect every time. My clients are getting disconnected in similar fashion.
Please let me know what could be causing this issue.
Thank you!
Andre Laurence
Seeing as nobody has replied and Shrew Soft support is useless, I have dug into this issue since it started over 1 week ago and found the solution. This post may help others with smaller Adtran routers as it is directly related to the "horse power" of the router.
Before giving the solution, this is exactly what occurs...
The Shrew VPN client software will connect to the Netvanta 3120 with no issues and seems to work normally. The user can open mapped folders, ping or access the router as if local, remote desktop to the file sharing PC and work on it remotely. The problem occurs when any larger IPSec traffic occurs. In my test case I was trying to copy a 10MB file to and from the remote desktop PC. In both cases the VPN client would get disconnected at various points during the upload/download of the file copy.
The solution...
When the VPN client and router are transferring data in a constant fashion there is an issue with the Shrew VPN client software and router Dead Peer Detection (DPD) being sent and read back and forth between the two. When the software, or router does not respond to DPD the router thinks the peer is dead and terminates the connection. The issue is resolved by changing the Shrew VPN client software VPN configuration. Modify the VPN Site Configuration you have created, select the second tab called "Client", at the bottom of this section is "Other Options", uncheck "Enable Dead Peer Detection", click "Save".
Once I disabled this option in the Shrew VPN client software I was able to connect and transfer the same file that made the VPN connection terminate prior to the VPN client configuration change.
I hope this helps others since it was driving me crazy and no help was to be found anywhere.
Regards,
André Laurence
Seeing as nobody has replied and Shrew Soft support is useless, I have dug into this issue since it started over 1 week ago and found the solution. This post may help others with smaller Adtran routers as it is directly related to the "horse power" of the router.
Before giving the solution, this is exactly what occurs...
The Shrew VPN client software will connect to the Netvanta 3120 with no issues and seems to work normally. The user can open mapped folders, ping or access the router as if local, remote desktop to the file sharing PC and work on it remotely. The problem occurs when any larger IPSec traffic occurs. In my test case I was trying to copy a 10MB file to and from the remote desktop PC. In both cases the VPN client would get disconnected at various points during the upload/download of the file copy.
The solution...
When the VPN client and router are transferring data in a constant fashion there is an issue with the Shrew VPN client software and router Dead Peer Detection (DPD) being sent and read back and forth between the two. When the software, or router does not respond to DPD the router thinks the peer is dead and terminates the connection. The issue is resolved by changing the Shrew VPN client software VPN configuration. Modify the VPN Site Configuration you have created, select the second tab called "Client", at the bottom of this section is "Other Options", uncheck "Enable Dead Peer Detection", click "Save".
Once I disabled this option in the Shrew VPN client software I was able to connect and transfer the same file that made the VPN connection terminate prior to the VPN client configuration change.
I hope this helps others since it was driving me crazy and no help was to be found anywhere.
Regards,
André Laurence