From looking at the status of the vpn connections on the router I have noticed that over time IP addresses can go from a ?working? state to a ?broken? state where communication between the client machine and the cisco device doesn?t happen. In short, an IP address works fine for one machine earlier in the day, but a few hours later it is broken for another machine that picks up the address. The router shows ?Bytes Tx: 0? (data transmitted back to the client) on each of these ?broken? IP addresses. Once a machine that was using a ?broken? IP address receives a new IP address that hadn?t been broken, it is able to communicate again. As other machines takes over a ?broken? IP address it is then unable to communicate with the router. I have seen good IP address ?break? but I have not seen an IP address that was "broken" go back to ?working? again. A broken IP address may not get used for a little while (sitting in the address pool waiting to be re-assigned by the router), but once it is used again the machine that picks it up will be in a ?broken? state. When I did a ?VPN-Tunnel bounce? (logoff remote) it didn?t help, and may have cause things to become worse. When I did a ?reload? on the router, the status of the router went from 34 connections working and 70ish broken to 107 working and 2 broken. A reload was done Monday and by Wednesday have seen anywhere from 2-7 broken connections at any given time and growing (I have yet to see 100% connections ?working?). It seems also that an IP address only works the first time it is assigned (to a VPN client), and then it is unusable to any client it is assigned to after that.
I have this problem too.