I've got an ASA running a single context on 7.2(2) connecting via a web based VPN to a VPN3020 concentrator. Whilst the tunnel is up and reporting no errors, we are losing maybe 1 in 10 packets. The pattern isn't regular, with sometimes over a minute between losing packets and then dropping 3-4 on the trot.
The 3020 is terminating over 50 other VPNs with no issue.
The latency over the vpn is very very consistant at circa 110ms. I have increased the ICMP timeout to 5 seconds but the suspect packets are definately being dropped rather than delayed. There is no NAT'ing taking place.
The interface output on the ASA shows the number of drops increasing but no packet errors (i.e. CRC, Jumbo etc..)
Whilst I understand that traversing the internet can cause variable latency issues, I have never seen this many packets being dropped on a web VPN before.
Any ideas what to check or how to find out why the drop packet count on the ASA is increasing?