cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
360
Views
0
Helpful
2
Replies

Easy VPN server was set up. great packet loss

xiaoliangyue
Level 1
Level 1

the topology is very basic one:

[srv]------------------Vlan1--[rt871]--Fa4-------------[pc]

[srv]: 172.16.8.100

hardware: C871(C870-ADVSECURITYK9-M), V12.4(11)T3

The Cisco VPN client is V5.0.00.0340

Configurations:

hostname rt871

!

enable password cisco

!

aaa new-model

!

!

aaa authentication login userlist local

aaa authorization network grouplist local

!

!

aaa session-id common

clock timezone PST -8

ip cef

!

username nepp privilege 15 password 0 cisco

!

!

!

crypto isakmp policy 1

encr aes 256

authentication pre-share

group 2

!

crypto isakmp client configuration group pe88888

key aafsdfas

dns 204.174.64.1

domain peakclient.com

pool LPOOL_1

acl 199

!

!

crypto ipsec transform-set aessha esp-aes 256 esp-sha-hmac

!

crypto dynamic-map dynmap1 1

set transform-set aessha

!

!

crypto map cmap1 client authentication list userlist

crypto map cmap1 isakmp authorization list grouplist

crypto map cmap1 client configuration address respond

crypto map cmap1 1 ipsec-isakmp dynamic dynmap1

!

!

!

interface FastEthernet4

ip address 207.x.x.27 255.255.255.240

duplex auto

speed auto

crypto map cmap1

!

interface Vlan1

ip address 172.16.8.1 255.255.255.0

!

ip local pool LPOOL_1 172.16.5.100 172.16.5.199

ip route 0.0.0.0 0.0.0.0 207.12.2.30

!

no ip http server

no ip http secure-server

!

access-list 199 permit ip 172.16.8.0 0.0.0.255 any

!

end

Problem: the [pc] connected VPN, got IP, while pinging [srv], 35-40% packet were lost. Every local physical connection and ip connection is good.

2 Replies 2

Not applicable

One of the reason for slow speed could CEF being enabled. Try disabling CEF and check the packet loss.

Is the command "no ip cef" in global configuration mode?

Thank you very much.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: