L2TP Remote Access disconnects after a few hours.

seanwaite
Level 1

Have a few users on Vista/7 using Windows L2TP to connect to our ASA5510. It is reported that after a few hours the connection drops. From what I have seen this can be anywhere around 5-6 hours. Of course my connection will drop after an amount of time has passed and no traffic has passed the tunnel. But the users are adamant that this drops during large transfers; i.e. not a timeout issue.

Before I spend any more time on this I just want to know if this is normal behavior for a remote access L2TP using Windows to disconnect on its own after this amount of time. Never had a reason myself to remain connected that long, and when I did I used a site-to-site tunnel.


seanwaite
Level 1

Below is a sample log of the time when disconnects occur; I highlighted in bold the problem area.

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing IPSec SA payload

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing IPSec nonce payload

vpn-7-715001: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing proxy ID

vpn-7-713906: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Transmitting Proxy Id:   Remote host: 76.17.XX.XX  Protocol 17  Port 0   Local host:  216.XX.XXX.XXX  Protocol 17  Port 1701

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing NAT-Original-Address payload

vpn-7-713171: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, NAT-Traversal sending NAT-Original-Address payload

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing qm hash payload

vpn-7-714005: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, IKE Responder sending 2nd QM pkt: msg id = 00000017

vpn-7-713236: IP = 76.17.XX.XX, IKE_DECODE SENDING Message (msgid=17) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + NAT-OA (131) + NONE (0) total length : 172

vpn-7-713236: IP = 76.17.XX.XX, IKE_DECODE RECEIVED Message (msgid=958052a1) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 68

vpn-7-715047: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, processing hash payload

vpn-7-713906: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, processing delete

vpn-7-713170: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, IKE Received delete for rekeyed centry  IKE peer: 76.17.XX.XX, centry addr: ad03bb38, msgid: 0x00000016

vpn-7-713906: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, L2TP/IPSec: Ignoring delete to a rekeyed centry (msgid=16)

vpn-7-713236: IP = 76.17.XX.XX, IKE_DECODE RECEIVED Message (msgid=17) with payloads : HDR + HASH (8) + NONE (0) total length : 52

vpn-7-715047: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, processing hash payload

vpn-7-713906: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, loading all IPSEC SAs

vpn-7-715001: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Generating Quick Mode Key!

vpn-7-715001: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Generating Quick Mode Key!

vpn-5-713049: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Security negotiation complete for User (sam5510)  Responder, Inbound SPI = 0xc8ed80c2, Outbound SPI = 0xe007e1fd

vpn-6-602303: IPSEC: An outbound remote access SA (SPI= 0xE007E1FD) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been created.

vpn-7-715007: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, IKE got a KEY_ADD msg for SA: SPI = 0xe007e1fd

vpn-6-602303: IPSEC: An inbound remote access SA (SPI= 0xC8ED80C2) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been created.

vpn-7-715077: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Pitcher: received KEY_UPDATE, spi 0xc8ed80c2

vpn-7-715080: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Starting P2 rekey timer: 3420 seconds.

vpn-5-713120: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, PHASE 2 COMPLETED (msgid=00000017)

vpn-7-713906: IKEQM_Active() Add L2TP classification rules: ip <76.17.XX.XX> mask <0xFFFFFFFF> port <4500>

vpn-7-715077: Pitcher: received KEY_SA_ACTIVE, spi 0xc8ed80c2

vpn-7-713906: KEY_SA_ACTIVE old rekey centry found with new spi 0xc8ed80c2

vpn-7-713906: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, sending delete/delete with reason message

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing blank hash payload

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing IPSec delete payload

vpn-7-715046: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, constructing qm hash payload

vpn-7-713236: IP = 76.17.XX.XX, IKE_DECODE SENDING Message (msgid=d84b3b70) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 68

vpn-7-713906: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Active unit activates new SA for remote peer 76.17.XX.XX.

vpn-7-715009: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, IKE Deleting SA: Remote Proxy 76.17.XX.XX, Local Proxy 216.XX.XXX.XXX

vpn-6-602304: IPSEC: An outbound remote access SA (SPI= 0xFD65F940) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been deleted.

vpn-6-602304: IPSEC: An inbound remote access SA (SPI= 0xB2891595) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been deleted.

vpn-7-715077: Pitcher: received key delete msg, spi 0xb2891595

vpn-4-713903: IKE Receiver: Runt ISAKMP packet discarded on Port 4500 from 76.17.XX.XX:4500
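An added example, not part of the original post: a small Python parser that reduces a rekey window like the one above to the IPsec SA pair left live, the pair that was replaced, the Phase 2 rekey timer, and any messages at severity 4 or lower. The function name `summarize_rekey` and the regexes are assumptions written for this excerpt; the sample lines are copied from the log above.

```python
import re

# Lines copied from the log excerpt in the post above (addresses already masked there).
SAMPLE = """\
vpn-6-602303: IPSEC: An outbound remote access SA (SPI= 0xE007E1FD) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been created.
vpn-6-602303: IPSEC: An inbound remote access SA (SPI= 0xC8ED80C2) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been created.
vpn-7-715080: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, Starting P2 rekey timer: 3420 seconds.
vpn-5-713120: Group = DefaultRAGroup, Username = sam5510, IP = 76.17.XX.XX, PHASE 2 COMPLETED (msgid=00000017)
vpn-6-602304: IPSEC: An outbound remote access SA (SPI= 0xFD65F940) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been deleted.
vpn-6-602304: IPSEC: An inbound remote access SA (SPI= 0xB2891595) between 216.XX.XXX.XXX and 76.17.XX.XX (user= sam5510) has been deleted.
vpn-4-713903: IKE Receiver: Runt ISAKMP packet discarded on Port 4500 from 76.17.XX.XX:4500
"""

# <class>-<severity>-<message id>: <text>, as in the lines above
LINE_RE = re.compile(r"^\S+?-(\d)-(\d{6}): (.*)$")
SA_RE = re.compile(r"An (inbound|outbound) remote access SA "
                   r"\(SPI=\s*(0x[0-9A-Fa-f]+)\).*has been (created|deleted)")
TIMER_RE = re.compile(r"Starting P2 rekey timer: (\d+) seconds")

def summarize_rekey(log_text):
    """Return the SA state left behind by one window of ASA VPN syslog lines."""
    live, replaced, timers, warnings = {}, [], [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        severity, msg_id, text = int(m.group(1)), m.group(2), m.group(3)
        sa = SA_RE.search(text)
        if msg_id in ("602303", "602304") and sa:
            direction, spi, action = sa.group(1), sa.group(2).lower(), sa.group(3)
            if action == "created":
                live[spi] = direction
            elif live.pop(spi, None) is None:
                # Deleted without a matching create in this window:
                # the SA predates the rekey and is the one being replaced.
                replaced.append(spi)
        elif msg_id == "715080" and (t := TIMER_RE.search(text)):
            timers.append(int(t.group(1)))
        elif severity <= 4:
            warnings.append((msg_id, text))
    return {"live": live, "replaced": replaced,
            "rekey_timers": timers, "warnings": warnings}

if __name__ == "__main__":
    for key, value in summarize_rekey(SAMPLE).items():
        print(key, value)
```

On the excerpt this reports the new SA pair as live, the two deleted SPIs as the replaced pair, a 3420-second rekey timer, and the runt-packet message as the only entry at warning severity.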

wells.william
Level 1

I too am having this issue. Win7 clients that connect to an ASA 5510 get disconnected after 5-6 hours. I have an open ticket with Cisco and am working on a resolution. Yesterday it was said by Cisco that the L2TP rekey timer was shorter than the IPsec rekey timer. He reconfigured the timer, which disconnected the 11 people that were connected, but about six hours later the clients disconnected and had trouble reconnecting. We allowed remote connects from the inside interface and connected a Win7 machine, and it remained connected for 18 hours. I have found that the Cisco client will remain connected as long as you want. The difference between the two connections is that the Windows client connects as L2TPoverIPSECoverNatT and the Cisco client connects with just IPSECoverNatT. I need to get this resolved one way or another. I am going to open a case with Microsoft this morning.

Was this issue ever resolved? If so, please post some comments on the solution.

Thanks!
