Jereon, Are you assigning an IP address to the remote VPN client via Xauth? If so, do you have that scope listed under proxy-arp on the interface that services the local network?
-Andrew -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jeroen J.A.W. Hermans Sent: Thursday, April 12, 2012 3:46 PM To: [email protected] Subject: Re: [vpn-help] Shrew disconnects from Juniper SRX210 after some minutes Thank you for your reply. I have checked my config, but DPD was not enabled. I cannot find any keepalive/heartbeat statements in my config (NAT-keepalive is off). The problem remains the same, also with other users at different remote locations. I feel i have tried all possible options, but nothing seems to work. Are there any other possible options i could try? Kind regards, Jeroen Hermans On 12-4-2012 4:31, Kevin VPN wrote: > On 04/03/2012 04:09 PM, Jeroen J.A.W. Hermans wrote: >> I have a problem i have been working on a few weeks now and i don't >> seem to be able to get Shrew to work nicely with my Juniper SRX210. >> Setting up a VPN to the SRX is not a problem. Phase 1 and 2 are >> completed succesfully. I am able to ping to the other netwerk without >> any problems, but after about 6 minutes Shrew disconnects (see >> tracedump under this mail). I am using a Juniper SRX210 running JunOS >> 11.1R1.10 and Shrew VPN 2.2.0. I am using a cabled network and i am >> behind a NAT router. > > Hi Jeroen, > > I would look at the Dead Peer Detection (DPD) or Heartbeat/Keepalive > settings, they often have a timeout of 300 seconds (5 minutes). Try > turning DPD or Heartbeat off to see if that changes the problem. _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
