Connection lost when sending big files
Options
Hey,
i've got a IPSEC vpn between 2 building.
Our head office and a smaller one.
Head office: USG210
Branch Office: USG60
All our servers are at the head office. The people in the branch office make connection to the head office for there files, apps,...
If they download a big file from the server, there is no problem.
If they try to upload one (ex 60 mb), or try to save a big file the connection is lost.
Also when i try to ping with a bigger file size (ex ping #.#.#.# -l 50000 -t) then the connection is lost.
When i ping to 8.8.8.8 with 50000, it works fine.
I enabled
, but didn't change anything.
Tried to play with the mss size, but also no solution.
Any ideas?
Thanks a lot!!!
i've got a IPSEC vpn between 2 building.
Our head office and a smaller one.
Head office: USG210
Branch Office: USG60
All our servers are at the head office. The people in the branch office make connection to the head office for there files, apps,...
If they download a big file from the server, there is no problem.
If they try to upload one (ex 60 mb), or try to save a big file the connection is lost.
Also when i try to ping with a bigger file size (ex ping #.#.#.# -l 50000 -t) then the connection is lost.
When i ping to 8.8.8.8 with 50000, it works fine.
I enabled
"Ignore "Don't Fragment" setting in IPv4 header | " |
Tried to play with the mss size, but also no solution.
Any ideas?
Thanks a lot!!!
0
Comments
-
Hi @OTADMIN,
Did you enable DPD on both site, can you disable phase 1 DPD temporarily and try it again.
0 -
HI OTADMIN, agree with Zyxel_Cooldia to disable Dead Peer Detection on the Phase 1 Gateway .
USG UI / Configuration / IPSEC VPN / VPN Gateway / <your_gateway_for_L2TP_VPN..> or <site-to-site>/ Phase 1 Settings / Advanced / Dead Peer Detection (DPD) = OFF (untick it )
The L2TP VPN client connection from your mac/pc or th eUSG's or Peer site VPN will be more connection will be stable.
( We've seen this with work consistently less desirable ISPs ....(less popular).... where the ISP service is less sought after so to speak )
If you look in the USG logs on the USG you will see under IKE logs "peer connection lost" or similar......
HTH
warwickt
Hong Kong1
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight