NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
IPSec VPN Deletes After One Hour
I can successfully open a tunnel between the Netgear VPN client and FVS318N VPN router. However after an hour, the VPN log on the router reports ISAKMP-SA expired and the tunnel goes down. I've inc...
Hi jxdomb,
It seems that I don't see any similarity on the VPN logs you've posted from the article below. However, you may double-check it for yourself.
Understanding the VPN logs – ProSafe VPN Client
Kindly answer the questions below:
a. Was it working fine before?
b. What is the current version of the NETGEAR VPN Client software you are using?
c. What is the current firmware version of the FVS318N?
Kindly check the SA Lifetime values as well. Let me share these old forum links that might help:
Regards,
DaneA
NETGEAR Community Team
Thank you for the response. I double-checked the article and agree that I don't see similarities with my situation. I also checked the SA lifetimes as described in the threads and they are in bounds. I am using the latest firmware and client versions:
a. Was it working fine before? This is a new installation.
b. What is the current version of the NETGEAR VPN Client software you are using? 6.30.001
c. What is the current firmware version of the FVS318N? 4.3.3-8
Thank you!
Hi jxdomb,
What is the Operating System of the PC where the NETGEAR VPN Client software is installed?
Is there a software firewall or anti-virus running on the PC where the NETGEAR VPN Client software is installed? If yes, try to disable or uninstall it for the meantime then check if that helps.
Also, you may try to install the NETGEAR VPN Client software on other PCs/laptops to isolate the problem.
Regards,
DaneA
NETGEAR Community Team
I am using the VPN client on a Windows 8.1 desktop. After reviewing the links you provided, I have been adjusting the various SA Lifetimes in the router IPSec policies and in the VPN client. I must admit that I'm still not fully understanding them, but I have managed to get the tunnel to stay open for about four hours before it quits.
Does the 86400 seconds maximum in the client configuration indicate that 1 day is the maximum that an IPSec VPN tunnel is designed to stay up before it needs to be re-initiated by the remote user? What if someone wants to keep a tunnel up for 2 days, a week or even longer?
Thanks for your continued assistance!
Hi jxdomb,
What I know is that the SA Lifetime is the lifetime of the keys that the VPN tunnel uses to encrypt data. If the 86400 seconds has been reached then it negotiates a new key. If ever you have activity going on through the VPN tunnel, this will not be noticeable when the timers expire.
Let me share this link below that I found online and this might help you understand more about SA Lifetime:
Regards,
DaneA
NETGEAR Community Team
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
