I'm having a hard time here. One our customers uses a Cisco ASA 5540(IOS 8.0(3)10) and Cisco VPN Client v.5 to establish IPSec tunnels through the Internet.
When the remote user is behind ADSL Modems or Cable Modems there is not a single drop in the connection, he's able stay connected up to 2 or 3 days straight without a single drop. But, a few users use those new GPRS Modems to get access to the Internet and then establish the IPSec Tunnel, these users get a connection drop at about every 10 or 20 minutes. They're using the same tunnel-group and group-policy attributes.
It's one of our customer requests that there are no idle nor session timeouts configured, they're both set to 'none'. NAT-T is enabled and the isakmp keepalives threshold is set to 300seconds and retry set to 2, as suggested by Cisco.
Is there any special configurations that need to be done so they can have the same behavior as the users behind ADSL modems?
Right now, the IPSec over UDP is set. The next thing I'll try is use the IPSec over TCP setting, using port 10000.
Thanks in advance!