Home

Forums

Stories

Knowledge Base

Business Community > Gateways > ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

< Gateways

ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

GRL

2025-05-21 07:36:17 - last edited 2025-05-22 07:30:23

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

2025-05-21 07:36:17 - last edited 2025-05-22 07:30:23

Im seeing a complete traffic drop on the IPsec site-to-site from my home (605 v2 2.3.0 april 28th beta) to my main site VPN router (ER7206v2 2.2.0 official) at random, for up to 2 minutes at a time

Neither site shows any logs relating to IPsec connection drops, DPD timeouts etc, the tunnel remains up

When the traffic loss occurs, it seems to effect all traffic - i not only cant communicate with the controller, but also a NAS, RDP, web interfaces of Raspberry PIs etc

This issue didnt seem to occur with the first 2.3.0 beta released on the forum, other sites with different routers, and dial-up client IPsec VPNs to the main site are also unaffected.

Its not my ISP connection at home, when the VPN traffic stops, i can use internet just fine.

Its not the WAN connection at the other end either, it happened to me while a colleague was on one of the dial-in VPNs to it and that remained fully functional, and that site isnt reporting any WAN issues in the logs or traffic graphs

I have deleted and recreated the VPN profile on the 605, no change to this behavior.

I dont have to do anything at all to restore traffic over the VPN, it just starts all by itself and resumes normal function

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

16 Reply

Clive_A

2025-05-21 07:57:53

Posts: 8362

Helpful: 4290

Solutions: 2178

Stories: 0

Registered: 2023-06-09

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-21 07:57:53

@GRL

GRL wrote

Im seeing a complete traffic drop on the IPsec site-to-site from my home (605 v2 2.3.0 april 28th beta) to my main site VPN router (ER7206v2 2.2.0 official) at random, for about 2 minutes at a time

Neither site shows any logs relating to IPsec connection drops, DPD timeouts etc, the tunnel remains up

When the traffic loss occurs, it seems to effect all traffic - i not only cant communicate with the controller, but also a NAS, RDP, web interfaces of Raspberry PIs etc

This issue didnt seem to occur with the first 2.3.0 beta released on the forum, other sites with different routers, and dial-up client IPsec VPNs to the main site are also unaffected.

Its not my ISP connection at home, when the VPN traffic stops, i can use internet just fine.

Its not the WAN connection at the other end either, it happened to me while a colleague was on one of the dial-in VPNs to it and that remained fully functional, and that site isnt reporting any WAN issues in the logs or traffic graphs

I have deleted and recreated the VPN profile on the 605, no change to this behavior.

I dont have to do anything at all to restore traffic over the VPN, it just starts all by itself and resumes normal function

Is that saying this would affect the local devices? Or are they on the other site?

Is there a pattern to when this happens?

GRL

LV4

2025-05-21 08:03:33

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-21 08:03:33

@Clive_A

When this occurs, i mean i cannot access ANYTHING at the main site or any other remote sites from home (ie, anything over the VPN)

Local and internet traffic at both sites isnt affected at all. Internet etc all fine.

Only problem is the VPN stuff

I have run a 24 hour ping test from another remote location (also a 605v2 on 2.2.6) to a device on main site over its own site-to-site and not a single packet loss. - this VPN connects to the same router mine does, on the same VPN profile, which i think safely rules out the issue being the "other end"

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

GRL

LV4

2025-05-21 08:24:18 - last edited 2025-05-21 08:30:08

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-21 08:24:18 - last edited 2025-05-21 08:30:08

@GRL

Logs from the main site

Everything here is just the graceful disconnect and reconnect of a different remote site (a 605v2 on 2.2.6 when it has its scheduled reboot every morning, or when the site loses power (relatively frequently). Nothing shown relating the the VPN from my home site

Logs from my home site

I see these DPD entries all the time even when the conenction is working properly, A VPN "blackout" occured just a few minutes ago 9:26am my time, nothing is logged

Tunnel status on my side seems normal

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

GRL

LV4

2025-05-21 11:48:27

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-21 11:48:27

Clive, sorry i didnt answer your other question

The only pattern I have noticed is it tends to drop out when the VPN has been "idle" - when i havent been accessing anything on the other side of it for an hour or more, then try to access something. It then drops out for a little while then comes back

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

Clive_A

2025-05-22 02:13:25

Posts: 8362

Helpful: 4290

Solutions: 2178

Stories: 0

Registered: 2023-06-09

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-22 02:13:25

@GRL

GRL wrote

@Clive_A

When this occurs, i mean i cannot access ANYTHING at the main site or any other remote sites from home (ie, anything over the VPN)

Local and internet traffic at both sites isnt affected at all. Internet etc all fine.

Only problem is the VPN stuff

I have run a 24 hour ping test from another remote location (also a 605v2 on 2.2.6) to a device on main site over its own site-to-site and not a single packet loss. - this VPN connects to the same router mine does, on the same VPN profile, which i think safely rules out the issue being the "other end"

From the site where you have trouble with it, if you run the ping, does it lose packets?

Possible if you run Wireshark to monitor the traffic?

GRL

LV4

2025-05-22 07:10:03 - last edited 2025-05-22 07:12:25

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-22 07:10:03 - last edited 2025-05-22 07:12:25

Hi Clive

So, i installed wireshark on my laptop at home, rebooted it, and made sure any and all applications i could were closed so it wasnt too busy on the wireshark capture

Anything 172.16.0.X is my home network and can be ignored.

My laptop is 172.16.0.1.

192.168.0.230 is the IP of my controller at the other end of the VPN. I haven't used anything over the VPN today, so this was first time attempting to log into it since last night. The login page loaded as normal, and then the VPN went unresponsive as i tried to enter my credentials. After about 30 seconds, and 2 page refresh attempts, the VPN came back to life and i was able to log in - all should be captured.

I cant attach it here, its over 10mb. Can i email it to you ?

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

MR.S

LV5

2025-05-22 07:10:16 - last edited 2025-05-22 07:15:34

Posts: 2835

Helpful: 1013

Solutions: 398

Stories: 0

Registered: 2018-08-17

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for a couple of minutes at random

2025-05-22 07:10:16 - last edited 2025-05-22 07:15:34

@GRL

Here is the test result as agreed, you see the red lines where I switched from SD-WAN and IPsec site to site, the ones in between are small drops, not so much that it should be noticeable, but there is more drop with IPsec site to site than there is with SD-WAN who doesn't have a single drop.

The focus is 15 seconds, so the actual drop is probably no more than 4 seconds.

ISP Load in the same period, this is essentially VPN traffic going through the same VPN tunnel that has been measured.

GRL

LV4

2025-05-22 07:37:32 - last edited 2025-05-22 07:39:22

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

2025-05-22 07:37:32 - last edited 2025-05-22 07:39:22

Here is a snippet from the large wireshark file. It is pages and pages of this when it was unresponsive

This is during the period the VPN wasnt passing data

172.16.0.1 is my laptop, 192.168.0.230 is my controller the other side of the VPN

Im not familiar enough with wireshark to be able to identify the moment the VPN went from working to not working then back to working again, but the entire thing is in it.

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

Clive_A

2025-05-22 09:10:06

Posts: 8362

Helpful: 4290

Solutions: 2178

Stories: 0

Registered: 2023-06-09

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

2025-05-22 09:10:06

@GRL

GRL wrote

Here is a snippet from the large wireshark file. It is pages and pages of this when it was unresponsive

This is during the period the VPN wasnt passing data

172.16.0.1 is my laptop, 192.168.0.230 is my controller the other side of the VPN

Im not familiar enough with wireshark to be able to identify the moment the VPN went from working to not working then back to working again, but the entire thing is in it.

I sent an email from the old conversation we had. I'll get that Wireshark file and see what I can do.

#10

GRL

LV4

2025-05-22 09:24:16 - last edited 2025-05-22 09:24:38

Posts: 726

Helpful: 292

Solutions: 83

Stories: 0

Registered: 2022-01-02

Re:ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

2025-05-22 09:24:16 - last edited 2025-05-22 09:24:38

Thanks Clive.

I have attempted sending it twice now. the file was too big for your mailserver and got bounced. Now sent as a google drive link. If you cant get it let me know and ill find another way

To clarify for you, the capture is the entire process - VPN working > not working > working over about 30 to 40 seconds. It was started only a few seconds before the VPN stopped passing traffic and stoped a few seconds after it started working again, with nothing extra either side.

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x3, ES208G x1, EAP650 x6 Remote: ER7206 v2 x1, ER605 v2 x3, SG2008P x2, EAP650 x2, ES205G x1 Controller: OC300

#11

ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

ER605 v2 2.3.0 Beta - IPsec VPN connection loses traffic for up to a couple of minutes at random

Information

Voters 0

Tags