Interview Question
IT Manager Interview - Hightail
Why are point to point VPNs not exactly the best way to connect LANs?
Interview Answers
2 Answers
The rekey interval is usually 1 or 8 hours, by default. It can be made longer if desired. The biggest downsides I see of VPNs are:
1) No firm SLA - VPNs are dependent on the Internet, and thus prone to any performance issues or outages.
2) Limited Scalability - As the network expands or changes, all the tunnels must be manually updated (unless you're running a dynamic routing protocol across them).
3) Limited features - For example, it's impossible to bridge the same subnet across a VPN.
4) Complexity - IPSec has lots of options, and if both sides don't match exactly, the tunnel will have problems. This is a big headache if you don't control the equipment on both sides of the tunnel.
Network Security Engineer on
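Added example, not part of either answer: a small pre-deployment check for points 2 and 4 above, which diffs the settings of the two ends of one tunnel and counts the tunnels a full mesh needs. The dictionary keys and both site configs are constructed for illustration, and each side is assumed to carry a single proposal.

```python
import ipaddress

# Proposal fields compared one-to-one (hypothetical key names; assumes each
# side is configured with a single proposal rather than a list to negotiate).
MATCH_FIELDS = ("ike_version", "encryption", "integrity", "dh_group", "pfs_group")


def _nets(values):
    # Normalise so "10.2.0.0/16" and "10.2.0.0/255.255.0.0" compare equal.
    return {ipaddress.ip_network(v) for v in values}


def tunnel_mismatches(a, b):
    """List the settings on which the two ends of one tunnel disagree."""
    problems = [f"{f}: {a[f]} vs {b[f]}" for f in MATCH_FIELDS if a[f] != b[f]]
    # Traffic selectors must mirror each other: what A calls local, B calls remote.
    for mine, theirs in (("local_nets", "remote_nets"), ("remote_nets", "local_nets")):
        if _nets(a[mine]) != _nets(b[theirs]):
            problems.append(
                f"selectors: a.{mine} {sorted(a[mine])} vs b.{theirs} {sorted(b[theirs])}"
            )
    return problems


def full_mesh_tunnels(sites):
    """Point-to-point tunnels needed to connect every site to every other site."""
    return sites * (sites - 1) // 2


# Constructed sample configs for the two ends of one tunnel.
SITE_A = {"ike_version": 2, "encryption": "aes256", "integrity": "sha256",
          "dh_group": 14, "pfs_group": 14,
          "local_nets": ["10.1.0.0/16"], "remote_nets": ["10.2.0.0/16"]}
SITE_B = {"ike_version": 2, "encryption": "aes256", "integrity": "sha256",
          "dh_group": 19, "pfs_group": 14,
          "local_nets": ["10.2.0.0/255.255.0.0"], "remote_nets": ["10.1.0.0/24"]}

if __name__ == "__main__":
    for problem in tunnel_mismatches(SITE_A, SITE_B):
        print("MISMATCH", problem)
    for n in (3, 10, 25):
        print(n, "sites ->", full_mesh_tunnels(n), "tunnels")
```

Run against exported settings from both ends before a change window; the selector check catches the case where one side uses a /16 and the other a /24 for the same LAN.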
The rekeying that occurs plays havoc with monitoring software.
Anonymous on