With our entire firm now WFH, this problem is really messing up our workflow.
We have a Balance One configured for remote access over L2TP/IPsec. It’s “mostly fine” until somebody needs to send a large file (200-600 Megabytes) at which point we almost always get the “Disconnected by VPN server” message on our systems and need to restart the transfer, sometimes multiple times. Sometimes, quickly reconnecting the VPN will still fall within out specialized software transfer timeout and it will complete.
I can see from this forum that this is not exactly an isolated issue.
The router has 8.0.2 firmware. MTU settings are on “Auto”. I opened a support ticket requesting help with troubleshooting but never got a response.
I’m considering switching over to OpenVPN now that it’s available with version 8.x, but I’m not sure this will help. Ideas?
@straightTalk, I have L2TP links that stay connected for days and weeks with many gigabytes of data transfer. The only time they break is with an internet service interruption. I’m using Windows 10 built in L2TP client, with Microsoft CHAP 2 security enabled. Are you using the same?
@Don_Ferrario, no, all of our team use some recent variation of MacOS which has a built-in L2TP client. I can’t tell you which crypto it uses, I only know that the “disable weak cryptos” option on the Balance One is NOT checked.
We have one guy on the team who has fiber straight to his home and he doesn’t complain, but I’m at the opposite end of the spectrum. I’m literally at the end of the DSL line (my line has the capacity of ~90mbps down and ~16mbps up before things go really bad - but I get consistent 50down/12up with low attenuation but also quite narrow noise margin of 6.4-7dB on the upload side).
Again, I don’t know why this would necessarily cause VPN tunnel to fail while file transfer is steadily coming across. And none of my home office equipment is signalling loss of the DSL connection which would break the tunnel immediately.
Could you test with a Windows laptop at one of the same locations? Not sure that will help but its probably something you can do at no cost. I think you have an issue with internet quality especially with DSL.
I would consider investing in a low end Peplink router and set up PepVPN at each remote location. PepVPN is far more stable than L2TP, and your users won’t have to go through a VPN connection process every time. You can program the router to send all traffic back to home office, or only traffic which requires the VPN. A SOHO Router doesn’t cost much.
