cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
608
Views
0
Helpful
2
Replies

Slow IPSec tunnel bw ASA5505& RVl200

janos.csaszar
Level 1
Level 1

Hello,

I have to establish several VPN tunnels between different sites, all equipped with the above devices, the RVL is the point, there is one PC behind, that has to download and run an application. I can establish the tunnel with no errors in the logs, however with a 4 Mbit/s bandwith I cannot go beyond some 2,5 Mbit/s.

My best guess was the MTU, and it helped, I started with some 200 around K, and went up, as said to some 325 K.

I think that the point is on the Linksys RVL side, that has to reassemble the packets. The MTU is now set to 1380, as suggested in Cisco ASA docs. If I raise or lower this value on the RVL, or do the same on the ASA outer side, it won't help.

One more thing: the RVL seems to get busy within a day, the speed goes down to some 220 K, if I restart it, it goes up again to 320 K.

Other settings are left at default on the ASA, such as pre-segmentation, or DF bit (which is set to copy).

Could someone tell me what am I missing?

Thank you!

2 Replies 2

ebreniz
Level 6
Level 6

I understand that you are experiencing a slow connection when using the VPN. We can improve the connection by changing the TCP MSS size on the ASA to 1200. The command is sysopt connection tcpmss 1200.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml">http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml

Thanks ebreniz for your suggestion.

I issued the command, but that does not seem to change anything, even after disconnecting and reconnecting the tunnel.

Review Cisco Networking products for a $25 gift card