[vpn-help] Checkpoint Edge 8.0.36x 15 min VPN timeout issue

Chris Martin cmartin at sjutech.com
Wed Mar 31 12:05:12 CDT 2010


I have been testing the Shrew VPN on Windows Vista 64 bit and the VPN
works great for 15 Min then it stops passing the Traffic between the
Client and the Checkpoint Embedded VPN.

 

Any ideas as to why the VPN client will connect work for 15 min then
stay connected to the tunnel but stop sending the packets encrypted
every 15 min?

 

 

Tunnel is connected:

 

 

 

 

 

Here is the Config:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This is what Checkpoint thinks may be the issue:

 

 

Symptoms   

*	When Security Gateway uses DHCP server to provide Office Mode
IPs, Endpoint Connect client disconnects after 15 minutes. 
*	The following Endpoint Connect log message is displayed: "remote
access client IP address and port were changed" 
*	Users may also see the Endpoint Connect log message: "This
machine's IP can only be used with Office Mode. Please try to connect
using Office Mode." 

 Cause The 3rd Party DHCP server IP lease time is set to 15 minutes.
This time is less than the IKE Phase1 Renegotiation time period.
Solution Configure the 3rd Party DHCP server IP lease time to be
equivalent to the IKE Phase1 Renegotiation time period. 

 

 

 

Here is what the IKE renegotiation is

Ike Renegotiation time is 1440 seconds / 24 min (page 644 of users
guide) 

 

 

 

 

 

 

Chris Martin

SJU Technology Group

Technology Support Manager

Sparrow, Johnson & Ursillo, Inc.

1300 Division Rd, Suite 202

West Warwick RI, 02893            

( Work: (401) 521-4000 ext: 150

( Mobile: (508) 326-2673

( Fax: (401) 274-5368

*  cmartin at sjutech.com <mailto:cmartin at sjutech.com> 

Web:www.sju.com <http://www.sju.com> 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 25678 bytes
Desc: image001.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0013.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 27685 bytes
Desc: image002.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0014.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 29868 bytes
Desc: image003.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0015.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 30692 bytes
Desc: image004.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0016.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 29825 bytes
Desc: image005.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0017.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 28252 bytes
Desc: image006.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0018.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 28963 bytes
Desc: image007.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0019.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.png
Type: image/png
Size: 29733 bytes
Desc: image008.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0020.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image009.png
Type: image/png
Size: 30124 bytes
Desc: image009.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0021.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.png
Type: image/png
Size: 29195 bytes
Desc: image010.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0022.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image011.png
Type: image/png
Size: 28146 bytes
Desc: image011.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0023.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image014.gif
Type: image/gif
Size: 682 bytes
Desc: image014.gif
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image016.png
Type: image/png
Size: 167 bytes
Desc: image016.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0024.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image017.png
Type: image/png
Size: 167 bytes
Desc: image017.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100331/9489ca8e/attachment-0025.png>


More information about the vpn-help mailing list