We have been having significant issue in troubleshooting random RPC errors with our directory controllers (MS AD 2008R2) and our distributed file shares.  Both services will randomly stop working, throwing RPC errors as the resulting cause.  We have been all over both Cisco and Microsoft forums in trying to troubleshoot this problem.  I'm trying to the Cisco forums first to see if anyone has any network layer thoughts as to best practices or ways to configure the tunnel.

Our network is simple: two small branch offices connected to each other with two Cisco 2901 ISRs.  An IPSec GRE tunnel exists between both offices.  Interoffice bandwidth is approximately 10mbps.  Pings between offices work, remote desktop works most of the time, file transfers work, and DNS lookups work across both locations.  We really don't have a complicated environment, I'd think it wouldn't be too hard to set up.  But this just seems to be escaping me.  I can't think of anything at the network layer that would be causing problems but I was curious whether anyone else out there with knowledge of small office VPNs might be able to render some thoughts on the matter.

Please let me know if there is anything further people need to see.  My next step is MS forums but I wanted to eliminate layer 3 first.

Tunnel Config:

crypto map outside_crypto 10 ipsec-isakmp

set peer x.x.x.x

set transform-set ESP-AES-SHA

match address 102

crypto ipsec df-bit clear

interface Tunnel0

bandwidth 10240

ip address x.x.x.x x.x.x.x

no ip redirects

ip mtu 1420

ip virtual-reassembly in

zone-member security in-zone

ip tcp adjust-mss 1375

tunnel source GigabitEthernet0/0

tunnel destination x.x.x.x

crypto ipsec df-bit clear

end