About Remote Access with VPN Reconnect

Applies To: Windows 7, Windows Server 2008 R2

VPN Reconnect refers to the support in Routing and Remote Access service (RRAS) for a new tunneling protocol, IPsec Tunnel Mode with Internet Key Exchange version 2 (IKEv2), which is described in RFC 4306. With the functionality provided by the IKEv2 Mobility and Multihoming protocol (MOBIKE), which is described in RFC 4555, this tunneling protocol offers inherent advantages in scenarios where the client moves from one IP network to another (for example, from WLAN to WWAN). Specifically, for mobile phones and other mobility scenarios, this tunneling method enables the VPN tunnel to stay alive even when the client moves from one access point or location to another.

When using other VPN protocols, and the network connection is interrupted for any reason, the user typically loses the VPN tunnel completely and must manually reestablish the VPN tunnel. VPN Reconnect allows the underlying network connection to be interrupted for a configurable amount of time, without losing the tunnel. As soon as network connectivity is reestablished, even through a different network interface, the tunnel is automatically restored with no interaction required from the user. For example, this permits a user with an active IKEv2 VPN tunnel to disconnect a laptop from a wired connection, walk down the hall to a conference room, connect to a wireless network, and have the IKEv2 VPN tunnel automatically reconnected with no noticeable interruption to the user.


If your laptop hibernates when you close the lid, then the connection is lost and you will have to manually reinitiate the connection.


Unlike other VPN tunnels such as PPTP, L2TP/IPSec, and SSTP, IPsec Tunnel Mode with IKEv2 does not run PPP-based handshake on top of the tunnel.