I have one branch office. Desktop users connect to my office via an IPsec tunnel at my H.O. (main). Desktops (users) obtain an IP address via a DHCP server and connect to all my other servers via the IPsec tunnel. But a few of my users get disconnected and are not able to ping my server, i.e.:

DESKTOP_USER--BRANCH_ROUTER==IPSEC TUNNEL = HO-ROUTER-FIREWALL--DESKTOP_USERS

Assume one user, 192.168.0.12, gets connected via the IPsec tunnel and is able to ping the server, but after some time pinging the server stops. Then the user with IP 192.168.0.12 will come to the router and will not be able to ping my server. We have to change the IP address and then try to ping; it works, but with the same IP 192.168.0.12 it doesn't work. Alternatively, if we want to use that same IP 192.168.0.12, we have to reboot the router in order to get access to the server. As we have a firewall, packets come to the router interface, i.e. the one facing the internet, so we can't troubleshoot.
The only solution we have is to change the IP address or reboot the router.