IPSEC VPN Hints for Vigor2130 Router

1. The default phase 1/2 lifetime settings for Vigor 2130 are:

phase1：3600

phase2：28800

Which is different from other vigor 2xxx models (phase1:28800;phase2:3600)

Also vigor2130’s lifetime cannot be changed.

2. IPSec lifetime settings.

IPSec’s lifetime setting may not affect the VPN connecting even if you don’t have the same lifetime settings on server and client sides. However, if you see periodic VPN dropouts, then check the lifetime settings.

Example:

Server: Fortinet

phase1 28800；phase2:1800

Client: Draytek Vigor 2920：

phase1 28800；phase2:3600（Default）

The VPN can be connected, however, every 30 minutes, it disconnects and reconnects.

After some analysis, I find linux based IPSec servers (including v2130,v3900) can accept whatever lifetime from VPN client, but they only follow their own settings. Which means if the client doesn’t send a renew request after 1800 seconds, the server disconnects the tunnel.

IPSEC VPN Hints for Vigor2130 Router

IPSEC VPN Hints for Vigor2130 Router

Share This Story, Choose Your Platform!