Forum Discussion
IKEv2 and Windows 10/11 drops connectivity but stays connected in Windows
I’ve seen this with 2 different customers using IKEv2 User VPNs (virtual wan) and Point to Site gateways in hub and spoke whereby using the VPN in a Always On configuration (device and user tunnel) t...
May consider below workarounds and fixes:
1. Configure Custom IPsec/IKE Policies
- Set longer lifetimes and enable rekeying:
{
"ikeEncryption": "AES256",
"ikeIntegrity": "SHA256",
"dhGroup": "DHGroup14",
"pfsGroup": "PFS2",
"ipsecEncryption": "AES256",
"ipsecIntegrity": "SHA256",
"saLifetimeSeconds": 28800,
"saDataSizeKilobytes": 102400000
}2. Use Azure VPN Client Instead of Built-in Windows Client
- The Azure VPN Client handles tunnel drops and rekeying more reliably.
3. Enable VPN Reconnect in Windows
- Use PowerShell or Group Policy to enable VPN Reconnect feature:
Set-VpnConnection -Name "YourVPN" -ReconnectEnabled $true4. Monitor with Azure Network Watcher
- Use Connection Monitor to detect tunnel drops and automate alerts or reconnection scripts.