Cisco VPN Clients Running Slow when terminating through the ASA

Unanswered Question

We have found that when a client running the Cisco VPN client makes a connection to the VPN Concentrator they connect up fine. When they connect up to the new ASA device, the connection runs slow. We are thinking that this could be realted to MTU. The client is currently set to 1300 by default. The interfaces on the ASA are all set to the default of 1500. Does anyone know what could be causing this? Please advise.


Regards,


Mark

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Mon, 09/10/2007 - 07:30
User Badges:
  • Silver, 250 points or more

The VPN tunnel can be slow if a large value of TCP MSS is used. You can reduce TCP MSS value to improve the performance. This usually happens because of fragmentation of the packet. Change the MSS size on ASA using command "sysopt connection tcp-mss MSS_size_in_bytes". Following link may help you

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml

Actions

This Discussion