I have a strange problem when using the VPN Client over a WLAN. A customer runs a public WLAN and allows its users to establish connections with the VPN Client to a 3000 series concentrator. The customer is a university and has a lot of mobile device movement joining and leaving the infrastructure throughout the day. This is why he limited the DHCP lease time (of the WLAN subnet over which the VPN runs) to a short five minutes.
Now the scenario:
The WLAN and VPN connection processes finish successfully and data can be exchanged. Now at the half of the DHCP lease time (2.5 mins), the NIC attempts to renew its DHCP lease, according to the DHCP standard. This will fail in the sense that the client doesn't send out any DHCPREQUEST at all (not even encrypted through the tunnel). Half a minute before the actual lease expiry time Windows takes another attempt to renew the address (clear text on the WLAN NIC), will even get an ACK (can be sniffed with another machine using Wireshark over WLAN), yet the client won't process the answer (no sniffer output on the affected client). In process, the VPN connection fails upon DHCP lease expiry. After the VPN client has disconnected, IP address renewal will succeed.
In general, if the VPN client is not in use, the process of the DHCP renewal works without problems.
I've tried different split tunneling settings, including "tunnel all" to "tunnel all except local LAN".
See the attachment for a sniffer output of the additional machine sniffing the WLAN media during a DHCP renewal failure.
Does anybody know the root of this problem? Any help is greatly appreciated!