cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1140
Views
5
Helpful
12
Replies

50% Packet Lost VPN Site 2 Site

esspr2006
Level 1
Level 1

I have sucessfully stablished the VPN tunnel between the two sites. Also I am able to do a ping test to both Routers Inside Interface with 100% success, but when I try to ping another device I got packets lost 50%.

I am Using a 871 and a 1841 Both on DSL on 512 upstream.

12 Replies 12

timkaye
Level 1
Level 1

Hello.

I assume you mean the following

From LAN side on 871 - ping to router 871 100%

From LAn on 871 - ping to router 1841 50% loss.

From LAN side on 1841 - ping to router 1841 100%

Is it possible to confirm that a ping from the 1841 external interface to the 871 external interface does not drop packets?

Its easy to not drop packets on the internal interface. The DSL maybe indicative of service issues. Is the DSl symetrical?

Well let me explain better.

When I ping the router interface on either of the LANs it works well.

Also if I do a telnet on the router:

ping 192.168.100.254 source 192.168.1.254;

a ping between the routers via the VPN, I get 100% replys.

When I try to ping from a station(LAN) to a station on the other site is when I get 50% - 40% loss.

I have a paradyne modem from the ISP doing a DMZ to the 871 and the 1841 have a WIC adsl.

The Internet conection is Asymetrical DSL.

MTU size of the pings? Can you test with differing sizes?

This is the actual screen on the station on one of the sites. The 192.168.1.254 is the remote site inside interface address. The Maximun Size without Framenting is 1370 but still I got some packet loss.

Pinging 192.168.1.254 with 1370 bytes of data:

Reply from 192.168.1.254: bytes=1370 time=136ms TTL=254

Request timed out.

Reply from 192.168.1.254: bytes=1370 time=143ms TTL=254

Request timed out.

Ping statistics for 192.168.1.254:

Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),

Approximate round trip times in milli-seconds:

Minimum = 136ms, Maximum = 143ms, Average = 139ms.

This is the ping from router a inside Interface to router b inside interface:

Sending 5, 1370-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:

Packet sent with a source address of 192.168.100.254

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 68/70/72 ms

You'll need to confirm MTU sizing for each interface.

make sure you have no issues with performance from the local host to the local router.

The perfomarce on from the local to the router on both sites are fine.

When you mean MTU on interfaces, are the interfaces the inside or outside? On the ATM or Dialer.

ATM and dialer

ATM0/0/0:

MTU 4470, Sub MTU 1300.

Dialer0:

MTU 1500

Should I change de MTU to 1370 on the 1841 ATM and Dialer0?

yes.

check each end.

I already changed on the 1841, still the same but I need to change it on the 871 and also may need to check the paradyne modem of the ISP on the midle it can include some misteries to the issues.

I tried to change the MTU on the Cisco 871 but I can't is seem the MTU can't be change on these Router.

I tried on the interface and on the vlan.

It's an IOS bug, you can make a test and disable IP CEF, usually it works, but it's only a workaround to get it working for real upgrade the IOS.

Rate if helps...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: