Always list the specific firmware. The "latest" means nothing if a new firmware gets release the next day.
How often are your public IP's changing?
I've seen ISP's (VZ DSL) change IP's via DHCP as often as once a minute. Everytime that IP changes the tunnel will drop.
Having DHCP on the WAN you should lower the SA Lifetimes. I use 3600 at most on dynamic WAN's, less if ISP DHCP expiration is set shorter than an hour (match the expiration time).
Public IP's (even though DHCP) are not changing over several months now, and worked fine with these IP's for month or two,before the issue suddeny started
SA Lifetimes were set to 8 hours and the connection was resetting every 15 to 20 minutes.
I switched them to 24 hours.
They are both running 3.1.1-18 whihc is newest according to the Netgear download page.
They were both running 3.0.7-34 and working fine, before the issue suddeny started.
Are you sure the WAN connection is not dropping out?
Not sure what diagnostic software you run but have you tried a continuous PING to the remote site WAN IP to see if it drops, and for how long? If it drops, figure out where it is dropping. Run a few traceroutes and notate the IP's.
You also need to find out what the DHCP expiration is set for. Just because the IP isn't changing doesn't mean that it isn't renewing itself every 15 or 20 minutes. Whenever the WAN renews your VPN tunnels can drop (I've seen it happen in as little as 4 seconds for the VPN to renegotiate). This is probably not enough to disrupt someones browsing but could be enough for it to booger up a VPN transfer.
Who is the ISP and what type of service is it? Same on both sides? (I see you mention Cox)
