Topic: IPsec tunnel drops  (Read 4001 times)
« on: April 03, 2007, 23:49:50 »
arell12 *
Posts: 11

We have a m0n0wall running at two offices.  I have configured IPsec on both sides and it is working until I try to pass traffic through the tunnel.  I can see that the tunnel comes up; from the diagnostics tab I see both sides in the list.  I can ping hosts on the remote network and the hosts can ping me.  The problem is that when files are being transferred or I try to connect to their computers for troubleshooting purposes the tunnel is dropped.  I wait about a minute and the tunnel comes back up.  I am not sure why this is dropping like this.

Network setup information.  The remote site has an internet T1 and this is connected to a Cisco router using the serial interface.  The ethernet interface has an external IP address and is directly connected to the m0n0wall WAN port, which also has an external IP address.  The default gateway on the firewall is the router's external IP and the gateway of last resort on the router is the serial interface on the router.  The LAN port is connected to a switch and hosts are connected to the switch.  DHCP is enabled on the firewall.

As I said the tunnel is established but drops.  Any thoughts?
« Reply #1 on: April 05, 2007, 05:11:39 »
darklogic *
Posts: 45

I have a question on many things to try and help with this issue.

First Question: What series of router do you have, what ISP do you have that connects to that router, and does the router allow ESP passthrough?

Second Question: What is the MTU set to on your ISP and router? Default is normally in a range of 1400 - 1500. If the MTU is set to something different, set the allow fragmented packets option under the advanced tab. It's possible that the connection drops due to improper MTU or fragmented packets.

Third Question: What encryption are you using? I suggest using Blowfish for more security and faster transmit. Also note that everything must match on both ends of the tunnel.

Fourth Question: What did you set the lifetime of the connection to in phase 1 and phase 2 of the IPsec setup section? I recommend 28800 seconds for phase 1 and 86400 seconds for phase 2.

Fifth Question: Are you trying to do any NAT-T? In other words, are you trying to establish an IPsec tunnel by setting the VPN server behind an existing firewall?
« Last Edit: April 05, 2007, 05:13:12 by darklogic »
« Reply #2 on: April 05, 2007, 16:40:37 »
arell12 *
Posts: 11

I have come to the conclusion that this is a hardware related issue.  First I thought that it was the ISP dropping connection because when the tunnel would drop I was not able to log into the firewall.  I started troubleshooting with Sprint (ISP) and I found that the router never lost connection and the link was always active between router and ISP.  When the tunnel drops I also cannot log into the firewall for about a minute (reboot time?) and after I am able to log in the tunnel comes up shortly after.  After monitoring this for about half the day I find that the tunnel drops about every 5 minutes. Now this may be from the lifetime not being set high enough, but the fact that I am unable to log into the router is leading me to believe that I have faulty hardware.
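
The check described in Reply #2, written out as an added example that is not part of the original thread: it separates tunnel drops during which the firewall itself stopped answering from drops that affect only the tunnel, and compares the drop period with the configured lifetimes. The function names, the probe format and the sample data are assumptions; the lifetimes are the values recommended in Reply #1, not the poster's actual settings.

```python
from statistics import mean

def series(duration, step, down):
    """Constructed probe results: (t_seconds, reachable) every `step` seconds."""
    return [(t, not any(a <= t < b for a, b in down))
            for t in range(0, duration + 1, step)]

def outages(samples):
    """Collapse consecutive failed probes into (start, end) windows."""
    windows, start = [], None
    for t, ok in samples:
        if not ok and start is None:
            start = t
        elif ok and start is not None:
            windows.append((start, t))
            start = None
    if start is not None:  # still down at the last sample
        windows.append((start, samples[-1][0]))
    return windows

def classify(tunnel, firewall, lifetimes, tolerance=0.1):
    """Label each tunnel drop and compare the drop period with the lifetimes."""
    fw_down = outages(firewall)
    drops = outages(tunnel)
    # A drop that overlaps a firewall outage points at the box, not at IPsec.
    verdicts = ["firewall-down"
                if any(d[0] < f[1] and f[0] < d[1] for f in fw_down)
                else "tunnel-only" for d in drops]
    starts = [d[0] for d in drops]
    period = (mean(b - a for a, b in zip(starts, starts[1:]))
              if len(starts) > 1 else None)
    # A lifetime "matches" when the drop period is within tolerance of it.
    matches = [name for name, secs in lifetimes.items()
               if period is not None and abs(period - secs) <= tolerance * secs]
    return verdicts, period, matches

# Constructed sample data: probes every 10 s for 15 minutes. TUNNEL is a host
# across the tunnel, FIREWALL is the firewall's own address outside the tunnel.
LIFETIMES = {"phase1": 28800, "phase2": 86400}  # values suggested in Reply #1
TUNNEL = series(900, 10, [(300, 370), (600, 670)])
FIREWALL = series(900, 10, [(300, 360), (600, 660)])

if __name__ == "__main__":
    verdicts, period, matches = classify(TUNNEL, FIREWALL, LIFETIMES)
    print("drops:", verdicts)
    print("period (s):", period, "lifetimes matching the period:", matches)
```
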

« Reply #3 on: April 06, 2007, 01:43:12 »
darklogic *
Posts: 45

That could be possible. If you find something wrong with the hardware let me know.