Well, it turns out this may all be down to a faulty Linksys EA8500 router.

 

Whenever there was a burst of network data activity on my home network (by any user) my VPN tunnel was being torn down. This was nicely demonstrated totally consistently with a running ping to the company router over the VPN and asking family members to do something (Skype, streaming, TV streaming etc etc).

 

I replaced the network switch and the issue persisted but when I reinstalled an older router in place of the Linksys (which I thought was otherwise a superb router) the whole problem vanished -at least for now (except that now I have rubbish WiFi coverage at home from the old router).

 

I will run this configuration for a week or so to make sure it is stable then put back the Linksys to see what happens. As near as I can get the WAN/LAN router settings are the same on the old and new routers (MTU, firewall rules and open ports).

 

Weird...