URGENT: Frequent Disconnects After Switching to VpnGw1 with IKEv2/OpenVPN on Azure P2S VPN

Amal Karunakaran 0 Reputation points
2025-08-07T03:55:19.48+00:00

Hi Team,

We are facing a critical issue after upgrading our Azure Point-to-Site (P2S) VPN setup.

For the past three years, we have been using Azure P2S VPN with the Basic SKU and SSTP tunnel type, supporting around 80–100 client machines. This configuration had been working reliably without any major issues.

Recently, we upgraded to VPN Gateway SKU: VpnGw1 and changed the tunnel type to IKEv2 and OpenVPN (SSL) to support a wider range of platforms including Windows, macOS, and Linux.

Since this change, all our client machines are getting disconnected automatically every 10–15 minutes, regardless of operating system. The connection drops are consistent and reproducible across our entire user base. The client count remains the same as before (~80–100), and no such issue was observed in the previous configuration.

We have tried basic troubleshooting but have been unable to identify the root cause. This issue is severely impacting our operations and user productivity.

We request immediate assistance on the following:

1. Are there any known issues, limitations, or configuration requirements for IKEv2/OpenVPN with VpnGw1 that could cause such disconnections?
2. Are there specific timeout settings, idle session limits, or MTU/MSS configurations that need adjustment?
3. Can you assist in verifying if this is a backend gateway or tunnel protocol issue?

We are happy to provide logs, configuration details, and client OS information as needed.

Please treat this as high priority, as it is impacting a large number of users.

Thank you

Azure Virtual Network

1 answer

  1. Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator
    2025-08-07T05:18:14.67+00:00

    Hello Amal Karunakaran
    I understand that you are experiencing a significant issue with your Azure P2S VPN after upgrading to the VpnGw1 SKU and changing to IKEv2/OpenVPN.
    Azure VPN Gateway does not specifically mention a 10–15-minute timeout, but OpenVPN and IKEv2 connections can be affected by NAT timeouts or idle session limits set on client-side firewalls or routers.

    Make sure UDP ports 500 and 4500 (for IKEv2) and TCP 443 (for OpenVPN) remain open and are not closed too soon by NAT devices or firewalls.
    At times, incorrect MTU (Maximum Transmission Unit) settings may cause fragmentation problems and lead to disconnects. Lowering the MTU value, such as to 1400 or 1300, might help stabilize the connection. Also, setting the MSS (Maximum Segment Size) to just below your MTU can be beneficial.

    Also, please try removing and reconfiguring a P2S certificate. Download the latest client file and deploy it on your client machines.

    Please make sure that all clients are using OpenVPN 2.4 or later or the Azure VPN Client with TLS version 1.2 or 1.3 enabled.

    Check the reference document:

    https://learn.microsoft.com/en-us/azure/vpn-gateway/ikev2-openvpn-from-sstp

    If PFS is enabled on your on-premises VPN device, it could cause disconnection problems. Try disabling it and update your IPsec policy as needed.

    Collect the packet captures and check whether the disconnects are caused by NAT timeout, TLS renegotiation, or IKE rekeying. Also collect logs and check where this disconnection is occurring.

    Check the documents below for troubleshooting:
    https://learn.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure-diagnostics

    https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-troubleshoot-vpn-point-to-site-connection-problems


    Hope the above answer helps! Please let us know if you have any further queries.

    Please do not forget to "up-vote" wherever the information provided helps you; this can be beneficial to other community members.

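One way to act on the answer's advice to check whether the drops come from a NAT timeout or from rekeying/renegotiation, as an added example that is not part of the original thread or any Microsoft tooling: timer-driven drops end sessions after a near-constant lifetime, while idle-driven drops follow a near-constant silence. The log format, event names and 10% threshold are assumptions of this example.

```python
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample in a hypothetical "<ISO time> <EVENT>" format; real client
# logs (Azure VPN Client, OpenVPN) must be normalised to this shape first.
SAMPLE_LOG = """\
2025-08-07T09:00:00 CONNECTED
2025-08-07T09:12:40 TRAFFIC
2025-08-07T09:12:58 DISCONNECTED
2025-08-07T09:13:05 CONNECTED
2025-08-07T09:25:50 TRAFFIC
2025-08-07T09:26:02 DISCONNECTED
2025-08-07T09:26:10 CONNECTED
2025-08-07T09:38:55 TRAFFIC
2025-08-07T09:39:09 DISCONNECTED
"""

def sessions(log):
    """Return (session_seconds, idle_seconds_before_drop) per completed session."""
    out, start, last = [], None, None
    for line in filter(str.strip, log.splitlines()):
        stamp, event = line.split()
        t = datetime.fromisoformat(stamp)
        if event == "CONNECTED":
            start = last = t
        elif event == "TRAFFIC" and start:
            last = t
        elif event == "DISCONNECTED" and start:
            out.append(((t - start).total_seconds(), (t - last).total_seconds()))
            start = None
    return out

def spread(values):
    """Coefficient of variation; close to 0 means the values cluster tightly."""
    m = mean(values)
    return pstdev(values) / m if m else 0.0

def classify(log, tight=0.10):
    """Heuristic with an assumed 10% threshold, not a documented Azure value."""
    s = sessions(log)
    if len(s) < 3:
        return "insufficient-data"
    durations, idles = [d for d, _ in s], [i for _, i in s]
    fixed = spread(durations) <= tight                  # same lifetime every time
    quiet = mean(idles) > 0 and spread(idles) <= tight  # same silence before each drop
    if fixed and quiet:
        return "ambiguous"       # capture again while traffic is flowing
    if fixed:
        return "fixed-interval"  # timer-driven: inspect IKE rekey / TLS renegotiation
    return "idle-timeout" if quiet else "irregular"  # idle-driven: inspect NAT/firewall
```

Running `classify` per client and per tunnel type shows whether IKEv2 and OpenVPN clients fail on the same pattern or on different ones.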
