Linksys → Re: [VPN] Solutions and problems w/ BEFSX41 BEFVP41 VPN

And what are the results if you enable keep-alive on both ends? My reason for asking, is if the tunnel is destroyed and recreated upon key expiration anyway, then why would keep-alive be a bad solution? In theory, the keep-alive should 'detect' a tunnel outage, and refresh the "CONNECT" process...bringing the tunnel back into service.

As a suggestion, you might be able to closely simulate a weeks worth of VPN connectivity, by reducing your key expiration times to extremely short intervals. I used a key timer of 300 seconds (5 minutes) in hopes of simulating a longer period of time. This way, the tunnel is torn down, and rebuilt very frequently. Since failures seem to occur after an approximate number of key expirations, this might reveal your test results much quicker.

Hi DJ,

I try to simulate the real production environment. Pure accelerated laboratory tests do not tell the truth.

There are more variables in this kind of game, like the broken WAN DHCP of BEFVP41, which make the real life situation far more complicated.

The most serious problem with SX/VP-combo is that the failure of the tunnel is irrecoverable without user intervention. You need to unplug/replug SX to regain the functionality. This is not acceptable for normal SOHO environment.