Intermittent VPN flapping issues

Virtual private networks, or VPNs, are becoming increasingly important for businesses who  has remote workers. Through the creation of an encrypted tunnel for internet traffic, VPNs improve privacy, security, and access to resources that are banned. The purpose is to sending all traffic via a VPN tunnel. 

If your VPN frequently disconnects and reconnects, it is probable that data packets are being lost or delayed between your device and the VPN server. This could be due to a problem with the VPN client, your router, or the network connection.

Fig 1.1- Intermittent VPN flapping issues

 ⭐ Reasons of VPN disconnection

• High latency on the WAN connection leads to VPN disconnections
• Internet service provider is actually blocking or rerouting the VPN traffic 
• It may possible that VPN server has congestion 
• Other network issues related to Firewalls and configuration issues
• VPN Device limit approached. 

In this case, you need to check following things listed as below -:

• Make sure there is no change done at remote end which you are not being notified.
• Re-validate the encryption domain (Local and Remote subnet in the vpn) both end should have identical match and exact CIDR.
• Re-check the Phase-1 and Phase-2 Lifetime settings at both ends of the tunnel (Phase-1 life time should be higher than Phase-2)
• Check the DPD (Dead Peer Detection) setting (If you are using different vendor firewall DPD should be disabled.)
• Check configuration in detail and make sure Peer IP should not be natted.
• Make sure internet link should be stable and there is no intermittent drop in the connectivity.

Continue Reading...

• IPsec site-to-site VPN tunnel between Cisco ASA & FortiGate Firewall
• Site to Site IPSec VPN Tunnel between Cisco ASA and Palo Alto Firewalls
• Site-to-Site IPsec VPN Tunnel with two FortiGate Firewalls
• IPsec site-to-site VPN tunnel between Palo Alto Firewall & FortiGate Firewall
• Lan-to-Lan IPSEC VPN between two Cisco Routers
• Security: FortiGate to SonicWall VPN Tunnel setup
• How to configure IPSEC Tunnel configurations between two routers across Internet

Free Tools...

• Internet Speed Test - The Network DNA
• IP Address Calculator - The Network DNA
• Password Generator Tool - The Network DNA
• What is my IP address & Location - The Network DNA
• API Collection - The Network DNA
• Visio Stencils & Icons - The Network DNA