I have a lan to lan scenario. The central office has an ASA5505 and the remote office has an SR520. The VPN connection is functional. My problem is about once a month or maybe more often (seems random) the remote office will lose connection to software we have hosted in the central office. Then a couple of seconds later they will be able to reconnect. This has stumped me because I run a continuous ping between the 2 sites both directions and see absolutely nothing wrong, no packet loss at the time of disconnect. Today it happened again. Looking at the Central Site router's log, I do see that the remote site's IPSEC rekey interval matches with the time they were dropped. I am wondering if it is taking too long to rekey. I currently have IPSEC with 3DES-168, MD5. My rekey interval is 3600 seconds. I believe this is the max rekey interval on the SR 520 or I would turn that up. I am wondering if there is a simpler algorithm I should use to avoid this problem. Should I think about using DES or less than 168? Is there any way to up the Rekey interval beyond 3600 on an SR520?
Thanks a lot for any information.