Hi all,
the stability of IPSec-VPNs with ASGs seems to be very instable on xDSL Lines (at least in Germany on lines from T-Systems Provider). This lines are resetted every 24 hours. After a reset, many ASGs do not reconnect automatically. The VPNs are
displayed as "active" in Webadmin but no Traffic will pass through the Tunnel. We developed a small shellscript which send continuously ICMP packets through the VPN connection and restart the whole VPN system if no data pass through. This work-around only works on low loaded systems, however. Some of our Customers have 30-40 VPN Connection per ASG. Imagine: 2 high-loaded Machines with 30 VPN Connections, each, will restart its VPN System, say 20 times a day! Customers will love it!.
Astaro developed a work around, too. But the result is the same: Restart of the whole VPN Bunch!.
Clearly:
The evidence of this "VPN-Feature" is growing with the Number of active VPN connections, but large Customers will need more VPNs. And will buy Machines which will provide stable VPNs, even in Germany.
I cannot belive, that we are the "one and only" which such themes. Please give me feedback about your experience!
-Thanks
This thread was automatically locked due to age.
