Need Help with a freezing VPN connection

[Peabody]

I have a peer to peer LAN ( LAN A ) connecting three computers through a Netgear switch at our main location. The switch is connected to an ADSL Netgear RT311 router. I have one other computer at our main location on a separate LAN ( LAN B ) connected to the same Netgear switch so as to gain access to the ADSL internet connection using the Allcatel modem and Netgear router with a static IP address. This same one other computer is running Windows 2000 Pro and is only accessed by a remote location computer (40 miles away ) via a vpn connection (LAN B is also running Windows 2000 Pro)

I connected all four main location computers to the same switch with an external modem and router. Everyone has access to the internet using the ADSL connection. I then configured the router for the vpn for the remote location.

The remote location computer can connect and access only the one LAN B computer using the VPN, but it keeps freezing up for 20 or 30 seconds for ten or more times a day. After the freeze each time access does return and the IP address is the same as before. I have run some extended ping tests and it also experiences periodic packet losses and then will resume with no problem. I had Bellsouth run ADSL line tests and they reported no problem there.

The remote location has it own non-static IP address ADSL line with an external Linksys router and Westell modem and the vpn is configured using Windows 2000 Pro.

I need for all computers to have un-interrupted ADSL internet access and the remote to stay connected for nine hours without freezing up so much.

Would a static IP address for the remote location help connection wise?

Any thoughts, suggestions or ideas would be greatly appreciated.

 

[Peabody]

Anyone?

 

[cmetz]

Windows is not a credible router and/or firewall OS. Use a real VPN device.

In your case, it sounds like it's renegotiating keys and incorrectly halting traffic during the process. If you're using IPsec, see if there's a way to log IKE/ISAKMP key management activity. IPsec standards require static security association (key) configuration be available and that would work around this problem, but I believe that Microsoft is not compliant on the standards about that.

 

[Peabody]

Thanks for your post cmetz

I am not using IPsec. I am using PPTP and windows 2000 Pro. Any other ideas would be appreciated.

 

[cmetz]

If you're using Win2K and PPTP and it's not working well, try using IPsec instead.

PPTP is not secure, and badly designed. Don't use it if avoidable.

 

[Peabody]

Update:

One further development is that I had all but decided that it is a main location inside wiring or ADSL line problem. I had planned to run a "Home Run" wire and move my ADSL phone jack to within 10 feet of the modem. We decided to call Bellsouth ( the ADSL provider) one last time and get one last line check. This time the line check reported a "severe short" on the main location ADSL line test. They are going to send a technician out next Tuesday to run some diaignostics and tell me what it would cost, if anything, to fix the short. They claim that the short is known to cause the problem that we have. We asked why this problem did not show up on the first line check that we had them run and was told that a "complete" line check had not been run so it did not show up. We, of course, expressed our displeasure with that news, but what can you do? I sure hope that this is the fix that we have been looking for.