Hi All.

We have a customer with a 3900 at their HQ.

It dials out to 14 2860 routers at remote sites and establishes 2x IPSec VPN each. Separated by VLANs one for data one for voice.

All sites are identical in setup - apart from remote IPs.

On 3 of the sites, the data VPN drops every 3mins (almost to the second!) the voice VPN stays solid.

I've been concentrating on one site and have had a ping going from a server behind the 3900 going to a PC on the remote site. It drops 1, maybe 2 pings each time the VPN drops and reconnects - it reconnects that quickly.

All routers are on the latest firmware.

I've created new VPN profiles for the one site and have changed just about every timeout/delay feature I can, added 'ping to keep alive', DPD on and off.

There are pretty much set as default settings; IKEv1 protocol, PSK auth, ESP security protocol. The only change on the advanced tab is to enable RIP via VPN.
Settings on the proposal tab are;
IKE phase 1 proposal DES G1
IKE phase 1 auth ALL
IKE phase 2 proposal 3DES with auth
IKE phase 2 auth ALL
Accepted proposal acceptall

If both VPNs were dropping this way, I'd be straight on to the ISP, but the voice one is solid....

Does anyone have any ideas?

On a personal note, I've only been in this job a week, so to fix this would be cool!!

I have logged a ticket with Draytek support - but its been 48hrs without any update so far!

Many thanks
Bryan

EDIT: Just created a PPTP LAN to LAN VPN and it stays up fine - so really can't be the ISP.....