win 10/Android 7.0 phone connecting to the PPTP VPN over 4G disconnects when idle for some minutes.

PeterUK
PeterUK Posts: 2,655  Guru Member
First Anniversary 10 Comments Friend Collector First Answer
edited April 2021 in Security
VPN2S  1.20(ABLN.2)

So I setup a PPTP VPN server on the VPN2S I connect to it by my phone that got Android 7.0 when doing nothing and idle for some time past the VPN connection disconnects and does not stay connected.

also happens with win 10 over 4G too

Comments

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @PeterUK
    It's normal behavior that if there is none of traffic on PPTP tunnel, the tunnel will be disconnected in the seconds which you set on the Keep timer filed. 
    Otherwise, the tunnel can be alive for mins because after tunnel established, server and client will send negotiate packet in the tunnel in the beginning.  
    Charlie
  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    If the keep alive timer is set to 1 with a reboot to set it when no traffic being sent the keep alive timer sends a echo request back to the client from port 1723 every second this is to keep the connection alive but does not keep the GRE tunnel alive.

    So the keep alive timer is to stop the tunnel from closing but fails to do so because it does not keep the GRE tunnel alive only the PPTP port by TCP.

    If keep alive timer is set to 1 second it takes minutes before the tunnel disconnects not the tunnel will be disconnected in the seconds which you set on the Keep timer filed.

    If you can make the keep alive timer send a ping to the client by GRE this will solve the disconnection problem.


  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
     @PeterUK
    Can you screenshot the configuration on PPTP page? I would like to check it on my lab.
  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited October 2020
    Note that I made a firewall rule for PPTP from WAN to router which seems to auto allow GRE also the keep alive timer set to 1 only works after a reboot.

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @PeterUK

    Is it your purpose to let the PPTP tunnel stay connected even PPTP client idle for a while? 


  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited November 2020
    @PeterUK

    Is it your purpose to let the PPTP tunnel stay connected even PPTP client idle for a while? 


     

    Yes and I thought the keep alive timer was to do just that, the only other way to keep the tunnel open is for the client to send a ping.

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @PeterUK
    We dont have any plan in certain enhancement. However, to have further evaluation, I would like to move this case to Ideas.

Security Highlight