Cisco ASA 5505

I recently had to try and determine the cause of random dropouts of a customer’s Cisco ASA IPsec VPN between two Cisco ASA 5505s. Both ASAs were NAT’d behind ADSL routers, with ports forwarded to the firewall. I know this *shouldn’t* cause a problem, and modern implementations of the IPsec stack are much better at traversing NAT than they used to be. One router was a Cisco/Linksys something and the other was a NetGear DGN1000.

Symptoms: Tunnel would intermittently drop after 10-30 minutes, regardless of whether traffic was passing over the link (constant PING) or not.
