I configured an L2TP VPN with IPsec. I can connect and it works fine. But after a while I get disconnected from my remote desktop session, even though I’m still connected to the VPN according to the Windows VPN client. I have to disconnect the VPN, connect again and connect back to remote desktop. I need this to work better because I will use this for work when I am on the move. Here is my log from the relevant place:
the packet is retransmitted by [10378].
the packet is retransmitted by [10378].
purging ISAKMP-SA [4500]<=>[10403] spi=.
ISAKMP-SA deleted [4500]-[10403] spi: rekey:1
respond new phase 1 (Identity Protection): [4500]<=>[10378]
ISAKMP-SA established [4500]-[10378] spi:
Let me know if you need any export from my config.
Thanks
I was on a cell phone connection, though a stable one. This worked just fine with my old PPTP VPN configured on my Windows machine. It even worked fine when the cell phone connection was less stable, when I was working from my country house for example. This is pretty important for me because I work on the move from cell phone connections all the time.
I followed this guide so my setup is pretty much on par with this one
The only change I made in the firewall was to require IPsec policy for port 1701.
edit: I have been working now for a while from a landline without problems, so it seems it's sensitive to packet loss. How can I make it less sensitive to packet loss?
I have been working for about 3 hours now from a landline and without any connection issues.
I reset my traffic counter; at that point I had a few drops recorded from the previous run with a cell phone. After 3 hours, no recorded packet drops.
I’m pretty sure the VPN responds badly to packet drops. So I guess my question is how I can make it more resilient to a few packet drops. Thanks
Change VPN?
WireGuard comes to mind; I have used it quite a bit over cell connections without major problems (WireGuard on a cell phone and/or using an SXT LTE as modem).
Even when being in a car driving on the highway, hopping from base station to base station.
It handles reconnects pretty well.
Are you saying the VPN server in the router isn't good enough? Hard to think it would be worse than just the Windows PPTP VPN Server that used to work just fine.
My old combo was Windows PPTP VPN Server and the Windows built-in VPN client. It worked flawlessly unless there was very long downtime, like going into a tunnel on a train for example. But now I get disconnected when I have perfect 4G reception.
No, that’s your conclusion. I am not saying that at all.
Just that some VPN protocols are more sensitive to connection drops than others.
E.g. when I make a connection using Azure Remote Desktop to a virtual server over cell or Wi-Fi, I get kicked out at least once or twice a day.
Usually it will recover within the following seconds but it is an annoyance when it happens.
Never happens when using a fixed line. No drops. Nada.
PS: As an added plus, WireGuard is also less heavy than L2TP, so it will go faster or, if you want to look at it from another angle, less load on the line so less chance of getting packet drops.
Ah, it's built into the router. I missed that, only looked at L2TP and OpenVPN. Will have a go.
edit: Aha, it doesn't work with the built-in Windows client. That's a pain.
There must be a way to configure L2TP to be more stable on cell connections?
What doesn’t work with the built-in client? WireGuard?
It is a separate service you need to install. Same concept as OpenVPN, there you also need a separate service to be installed.