Connection lost when sending big files

OTADMIN

Hey,

i've got a IPSEC vpn between 2 building.
Our head office and a smaller one.
Head office: USG210
Branch Office: USG60

All our servers are at the head office. The people in the branch office make connection to the head office for there files, apps,...

If they download a big file from the server, there is no problem.
If they try to upload one (ex 60 mb), or try to save a big file the connection is lost.

Also when i try to ping with a bigger file size (ex ping #.#.#.# -l 50000 -t) then the connection is lost.
When i ping to 8.8.8.8 with 50000, it works fine.

I enabled  

"Ignore "Don't Fragment" setting in IPv4 header

"

, but didn't change anything.

Tried to play with the mss size, but also no solution.

Any ideas?

Thanks a lot!!!

Zyxel_Cooldia

Hi @OTADMIN,
Did you enable DPD on both site, can you disable phase 1 DPD temporarily and try it again.

warwickt

HI OTADMIN, agree with Zyxel_Cooldia to disable Dead Peer Detection on the Phase 1 Gateway . 

USG UI / Configuration / IPSEC VPN / VPN Gateway / <your_gateway_for_L2TP_VPN..>  or <site-to-site>/ Phase 1 Settings / Advanced / Dead Peer Detection (DPD) = OFF  (untick it )

The L2TP VPN client connection from your mac/pc  or th eUSG's  or Peer site VPN will be more connection will be stable.

( We've seen this with work consistently less desirable ISPs ....(less popular).... where the ISP  service is less sought after so to speak   )

If you look in the USG logs on the USG you will see under IKE logs "peer connection lost" or similar...... 

HTH

warwickt
Hong Kong