I'm experiencing the same issue. "Cisco" IPSEC clients fail due to a rekey issue after about 3300 seconds. It's really a shame -- other than the timeout issue, they work perfectly and provide nearly universal cross-platform compatibility.
I may be upgrading to 5.x soon to address an unrelated user-id issue. I will post back to this thread if 5.x fixes it.
I use cisco vpn client over win 7 with a vm-100 5.03 and the tunnel is up for 8 hours (and more if configured). Verify that GP Gateway has Inactivity Logout configured for at least 6/8 hours.
As you see form the command extracted for a newly GP ipsec phase 2 created has a lifetime of 8 hours 28778/3600, while with 4.1.X the lifetime was always below 3600
admin@VM-100> show vpn ipsec-sa tunnel
GwID/client IP TnID Peer-Address Tunnel(Gateway) Algorithm SPI(in) SPI(out) life(Sec/KB)
192.168.Y.Y 1 X.X.X.X:49364
Sometimes 5.03 has problem in ipsec rekey (to be solved hopefully in 5.05 or 5.06) so maybe your problem is related to this issue, not to the lifetime of cisco vpn client.
Split tunnel on IPSEC is working but only if the networks are simpler enough. For examples if access routes are 192.168.0.0/24 and 172.16.0.0/24 this goes to full tunnel. Technical limitation probably will never fix.
Cisco IPSEC are stuck only to 8 hours and other IPSEC flavors (IPSEC on MacOSX) have even worst timeout.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!