ChrisCATech's profile

New Member

1 Message

Mon, Nov 3, 2014 4:00 PM

VPN Connection Loss (Intermittent) AWS VPC VPN

Hello Community, this has been a long-lasting issue for my company and me. We recently migrated to AWS and have an IPsec Site-to-Site VPN running in Main Mode between Amazon and our SonicWall TZ100 (running OS 5.9.0.4). The connection can be up and stable for days and then it just drops. It doesn't drop completely, as the TZ100 shows the tunnels up and AWS also shows the tunnels up. Data just flat out stops flowing. To fix this I usually disable the connections and enable them to force them to reauth with each other. I am seeing other folks with different routers and different VPN setups all having the same issue, and no resolution is to be found. Any help to get me going in the right direction would be great. SonicWall probes don't work well because they want to disable the route altogether if the connection fails. PowerShell scripts keeping interesting (ICMP) traffic flowing over the VPN don't work. Running non-assym doesn't work. Log files and configs show it's not the SonicWall, and AWS is showing similar results. Any ideas, Comcast?

Gold Problem solver

610 Messages

8 y ago

What kind of gateway do you have? I seem to remember that the Netgear CG3000DCR had a similar kind of issue...

And just to check, have you run a packet trace on either end during a connection loss, to see if either endpoint is definitely sending out the ESP payloads?

Advocate

1.4K Messages

8 y ago

Hello ChrisCATech and welcome,

Please check to make sure that your SonicWall has load balancing disabled, because this is one of the root causes for these types of intermittent issues.

It would be helpful to know which Comcast Gateway you are using.

New Contributor

6 Messages

7 m ago

2021: The same issue in Denver, CO.

Ticket CR-967966445

Comcast technical support had resolved the problem in May 2021 but would not share documentation of the fix. Now it is November 2021 and the issue is back. Every other network, hotspot, and other non-Denver office location can access the server through VPN except the Denver office.

Comcast Business was a delight to work with during setup. But technical support is no help and refuses to escalate to the next tier level. Some have even repeatedly stated that "if you can access Google, the problem is on your end".

When I've contacted the account reps that signed us up: CRICKETS!

There are forum posts on this from 10 years ago. Why is there no protocol?

Comcast, please educate your support staff. Then tell them to answer the phone. Please.