I used to have a VPN connecting my two sites that worked faultlessly using Demon Internet and a different telecoms supplier. The VPN is established as an IPSEC VPN between two WatchGuard firewalls.
Following a policy change (not mine!) at our remote site I recently had installed three new BT ADSL lines with BTHub3 modems, bonded together to provide a single internet connection through a BT-recommended third-party supplier, Sharedband. I reconfigured the VPN on the firewalls to reflect the new IP address at the remote end, and updated the WAN interface MTU size as instructed by the company providing the bonding service. I now have my VPN dropping at least once every hour.
The VPN drops when the DPD protocol used to "heartbeat" the VPN connection times out. I tried using IKE keepalive packets instead - same result. I tried switching off two of the three routers used for bonding, to re-create a single ADSL connection, same result. The VPN drops consistently throughout the day and night, so it appears that the reasons for the drop are not traffic related. Latency between the firewalls is fairly consistent at about 58ms on average, although some hops show as high as 380ms:
Date/Time: 19/06/2012 10:45:23 to 19/06/2012 11:35:15
Hop  Sent  Err  PL%  Min  Max  Avg
2    300   1    0.3  1    2    1
3    300   0    0.0  6    179  9
4    300   1    0.3  6    222  19
5    300   0    0.0  15   371  19
6    300   0    0.0  15   58   19
7    300   12   4.0  54   76   57
The issue is not with the firewalls, as they previously worked without a problem. Hours spent diagnosing logs with my firewall support show that the VPN drop is the result of a connection loss. The issue does not appear to be with the ADSL bonding as the problem exists with only a single line operational. BT tell me the circuits are all OK. The bonding service provider has configured his routers to provide access to the external interface of my remote firewall (host allocation). Pingplotter shows a consistent 4% packet drop on the last hop to my remote firewall, an error rate 12 times higher than on any other hop between the sites.
What else to try?
Good luck on this. I got nothing off the top of my head here. But I would love to have some share their thoughts.
Me too, knobbster, me too ...