Problems with SCP stalling during file copy over VPN
Solution 1:
Are you allowing ICMP through the VPN? "TCP connection stalls after a few seconds" often translates to "PMTU black hole".
Solution 2:
Similar to @Gerald's response this page http://www.netheaven.com/pmtu.html gives a good explanation of MTU Discovery and the options when facing this issue.
Also a whitepaper by Cisco that discusses IP Fragmentation, MTU Discovery, and MSS all pertaining to IPSec VPN tunnels but is equally valid for similar situations. http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
Solution 3:
We had similar spurios problems with scp to some Linux servers (Debian, 2.6.24-etchnhalf).
We were able to do away with the stalls by disabling the TCP variable tcp_sack ("tcp selective acknowledgements") on the remote servers:
sysctl -w net.ipv4.tcp_sack=0
On Debian, tcp_sack is enabled by default. If I read http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html, it should make no sense to disable this option, but in our case, it helped.
You can make this change permanent by adding a line net.ipv4.tcp_sack=0
to /etc/sysctl.conf (on other Linux systems YMMV).