I installed  my exchange 2010 email server on a rented server in a data center. I wanted to keep my remote exchange server and local client computers on the same domain . So i needed to install a secondary domain controller locally and run repliction between exchange server and local DC . Since I can not afford a separate vpn hardware in data center for site-to-site  vpn,  I just enabled global vpn  on my sonicwall TZ210 and  installed sonicwall global vpn client software on exchange server . I enabled split vpn   which  is important to seperate internet and vpn tarffic  ( I did not want my remote exchange serer use my office internet bandwidth for external communication) and I Created a vpn policy to limit  vpn traffic between exchange and secondary DC only  .

Domain replication has been scheduled for every  1 hour  and Everything was working fine , except .. the vpn communication brakes down frequently . But on sonicwall , global vpn session shows active .  After  2  hours of struggle , i finally found  the solution for  this.



The fix is , uncheck the check box  ” enable IKE Dead peer detection”  in  Advanced vpn settings


Also  I had to adjust the tcp innactivity timeout  -from 15  to 120 minutes.


Firewall access rule –> select matrix —> select VPN to Local  rules –> edit settings of  any to WLAN

Remote access Networks—> click Advanced     and chnage the tcp innactivevity timeout


You may need to do the same for   LAN to VPN  access rule .






Leave a Reply

Your email address will not be published.