@azzi9 

You can find the settings under Advanced > NAT Forwarding > ALG

Are you able to bypass the router and have your computer directly connected to the modem to test to see if the issue stays with the router or with the computer?

@Tony 

I finally got a chance to try this & it did not fix my problem.  I will try plugging directly into the modem tomorrow & see if that has the same effect.

Thanks for the reply.

@Tony Well, it looks like you sent me on the right path.  I hook up straight to the modem & I can't get it to stay connected there either.

It looks like I've been barking up the wrong tree, blaming the TP-Link router.

Now to look into my wireless from AT&T to see why IT can't keep my VPN connection up.

Thanks again!

@azzi9 

No worries, if you do get it working, but yet you come across the same issue introducing the Archer A20, please let us know.

Try other VPN services, here's a Hola VPN review, this is what I find the best from my experience, but you can experiment with other VPNs from the site.

@azzi9 

I think I know what your problem is, but I'm not sure there's a fix.  I rely on AT&T LTE for my home internet (netgear cell modem) and also use my phone's hotspot, and both have the problem.  However I'm fairly certain the problem lies with AT&T blocking UDP port 443 at the carrier level.  A bunch of us have been pulling our hair out over this on the AT&T forums (links below), but out of the many "fixes" suggested, the only consistent workaround is to have the UDP port used by the DTLS protocol changed to something other than port 443 - if you're lucky enough to have your company agree to do it.  I've had no problems for years until early October (Portland, OR area).  It's also been reported that AT&T U-verse uses the same port, so it may be related.

A little background - cisco anyconnect VPN requires two connections, DTLS (UDP 443) for main traffic, and TLS/SSL (TCP 443) for status check, maintenance, and as a backup if DTLS fails.  If a DTLS connection cannot be established, the VPN will typically stay connected and transfer data over TLS, but the traffic flow will be very slow and unstable.  For me, at worst it stops passing traffic several times a minute leading to constant remote desktop disconnects, stopped file transfers, etc.  This explains why it's intermittent while still showing "connected."  I know you mentioned you're disconnecting, but does your actual VPN session disconnect or some other program?

To verify, check this:

- Go to Cisco AnyConnect Secure Mobility Client
- On left, click the settings option
- Go to VPN tab and select the Statistics Tab
- Scroll down to Transport Information

My connection will show DTLS at first until the client gives up after a few minutes then permanently shows TLS.  the logs show a DTLS connection is never established.  This does not happen on ANY other ISP, cellular provider, etc.  AT&T did something recently to block UDP443, but it's impossible to know who or how many are impacted and where, and AT&T won't acknowledge it.  I just know changing the port fixes it.  Also I have a personal VPN service that uses other UDP ports, and it works just fine.  Hope this helps.

Go to last pages:

https://forums.att.com/t5/Other-Phones-Devices/ATT-LTE-hotspot-periodically-keeps-disconnection-laptop-VPN/td-p/5840554

https://forums.att.com/t5/Network-Coverage/Cisco-AnyConnect-VPN-drops-when-using-hotspot-on-iPhone-7/td-p/5983871

@cchanor Thanks for the info, sorry it took me so long to get back to you.  It's been a busy couple months.  This seems to be the issue, but it doesn't seem like my IT people will be changing the VPN for me connect in to.  Luckily I have a company phone with Mobile Hotspot that isn't on AT&T, so it looks like I'll be using that for the interim.