After 2 months without any reply I hope a bump is ok :).

The behavior still exists as stated above. The only possible solution to end the internet disconnects is disabling the VPN in general and only activate it on demand when I'm connecting to my azure lab. This is ok for my home network but definatly not an option for customers. Also it is interesting that the subnets are not reconnecting after the automatic disconnect.

I have the same Issue, Azure tunnel goes up and down all the time also my subnets are not reconnecting after the automatic disconnect.

Guys,

this is primarily a user to user forum and just because you post an issue in here does not mean you will get an answer.

If you have an issue you need to create a support case.

Ian

Hey,

Creating a support case doesn't work with the home license.

Regarding my issue their seems to be a development on the sophos side.

Issues Resolved in SF 17.5 MR6

• NC-38688 [IPsec] Sporadic connection interruption to local XG after IPsec rekeying

This sounds pretty much like my problem. I've already upgraded to MR6 and will have a look if the behavior changed.

Unluckily not resolved. Will test again in V18 EAP

Unluckily not resolved. Will test again in V18 EAP

In our tunnels to Azure VPN gateway I have found a few things that help.

1. On the XG, try to keep the number of Remote Subnets (Azure side) to a minimum, only one such as the entire VNet if possible.  We had one tunnel where individual subnets (had six in the list) were used and the stability of the tunnel took a dive.
2. Clone the built-in Azure IPsec policy.  Disable the rekey of the connection, so it only will rekey when Azure VPN gateway decides to.

Those two things have helped us a ton!

Nate

Thank you for the tip with the re-key deactivation. I thought I did that but it seems that somehow I ticked that checkbox on my cloned policy. Will test it again and check if it changed in behavior. Still, a internet reconnect must not happen if an IPSec tunnel changes state.