Slow IPSec tunnel bw ASA5505& RVl200

Unanswered Question
Jan 26th, 2009

Hello,

I have to establish several VPN tunnels between different sites, all equipped with the above devices, the RVL is the point, there is one PC behind, that has to download and run an application. I can establish the tunnel with no errors in the logs, however with a 4 Mbit/s bandwith I cannot go beyond some 2,5 Mbit/s.

My best guess was the MTU, and it helped, I started with some 200 around K, and went up, as said to some 325 K.

I think that the point is on the Linksys RVL side, that has to reassemble the packets. The MTU is now set to 1380, as suggested in Cisco ASA docs. If I raise or lower this value on the RVL, or do the same on the ASA outer side, it won't help.

One more thing: the RVL seems to get busy within a day, the speed goes down to some 220 K, if I restart it, it goes up again to 320 K.

Other settings are left at default on the ASA, such as pre-segmentation, or DF bit (which is set to copy).

Could someone tell me what am I missing?

Thank you!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
owillins Sun, 02/01/2009 - 08:30

When configuring Security Appliance 2, enter the same values for each of the options that you chose for Security Appliance 1. Encryption mismatches are a common cause of VPN tunnel failures and can slow down the process.

http://www.cisco.com/en/US/docs/security/asa/asa72/getting_started/asa5505/quick/guide/sitesite.html">http://www.cisco.com/en/US/docs/security/asa/asa72/getting_started/asa5505/quick/guide/sitesite.html

janos.csaszar Sun, 02/01/2009 - 11:29

Thanks owillins, but I checked that, those, that need to be the same, are exactly the same.

Actions

This Discussion