We've setup a VPN tunnel with a partner through Internet (@Different Country with different Time Zone) using the following guidlines:
We are phasing the following "strange" problem... The tunnel comes up and works for 8-10 minutes. After that the windows server stops "decrypting" the packets that cisco sends (ESP packets get transmitted and received by the Windows 2003 server, confirmed with ethereal). Now, after 50-52 minutes (that is after 3600 seconds that the transform-set security association lifetime expires and SPI/SAs are re-negotiated) the tunnel works again and the story goes on forever (8-10 minutes works, 50-52 minutes does not work).
From Cisco Site, the configuration is as Follows.....
crypto isakmp policy 1
crypto isakmp key peersharedkey! address <MY_Partner_IP>
crypto ipsec security-association lifetime seconds 3600
crypto ipsec transform-set PARTNERset esp-des esp-md5-hmac
crypto map PARTNER 1 ipsec-isakmp
set peer <MY_Partner_IP>
set transform-set PARTNERset
match address 115
ip address <My_Public_IP> 255.255.255.248
crypto map PARTNER
!--- Source/Destination networks defined
access-list 115 permit ip 192.168.1.0 0.0.0.255 10.10.10.0 0.0.0.255
ip route 0.0.0.0 0.0.0.0 <My_ISP_Gateway>