DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Serious bug with LAN to LAN ipsec VPN?

  • la2
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
07 Feb 2018 01:33 #90655 by la2
Hello,

For a while now, I've been experiencing issues with an IPsec LAN to LAN VPN between two sites - both using 2860's. The issue is that the VPN is constantly dropping very briefly then re-connecting again the whole time. The "Always On" and "Idle timeout" are set so the connection remain open. Both sites are UK based and have solid stable ADSL connections with static IP's.

Today, I tried enabling the "Ping to keep IPsec tunnel alive" setting and entered an IP address to see if this would prevent the connection dropping all the time.

What happen them was total calamity. The WHOLE network went down. Multiple access points, 10 IP cameras, all IP phones as well as other PC connections and network switches (and these are on on different VLANs - we have quite a large network here). All lost the ability to ping anything and get a DHCP address. Even devices on the same subnet with static IP's couldn't communicate with each other. It's as if I was experiencing a massive DDoS attack on the whole network!

After a short while, the 2860 appeared to reboot; however as soon as the ADSL connection and VLAN came back up, the same thing happened again. I had to physically pull out the ADSL connection so the 2860 would reboot ok and I can disable the "Pink to keep IPsec tunnel alive" option.

This is very concerning. Any pointers on what could be happening? I can only see it as being a massive bug in the 2860 firmware, as NOTHING else was changed.

Thanks,

Dan

Please Log in or Create an account to join the conversation.

  • la2
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
07 Feb 2018 02:07 #90656 by la2
An update...

I've just tried adjusting the "Idle timeout" value. Upon re-enabling the "always on" option after a short test period, then 2860 locked up then re-booted. In between this and the first incident I reloaded the firmware incase the original had got corrupted.

Defiantly a bug.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami