×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

NAT overlapping through IPSec VPN

Answered Question
Oct 30th, 2006
User Badges:

I have followed the instructions on http://cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800b07ed.shtml

and have been able to establish the VPN and ping through to each host. I am having problems with some of the packets getting dropped. I am using low cost equipment (1812 and 1841 routers) and I am wondering if this is the reason it is dropping half of my packets. Or if there is some other reason this is happening. I would like to know if I can impliment QOS on this traffic that needs to pass from site to site. Since 50% packet loss is unacceptable.

Correct Answer by ajagadee about 10 years 9 months ago

Joe,


Depending upon the amount of traffic that you sending across the tunnel, the 1800 series router may or may not be the right fit. But, we need to find out whether the packets are getting dropped due to oversubscription of the link or due to the processing power of the router getting maxed out.


Below is the data sheet for 1800 fixed Model router and the performance number of IPSEC is 40 Mbps 3DES @ 1400 byte packets.


http://www.cisco.com/en/US/products/ps5853/products_data_sheet0900aecd8028a95f.html


BTW, you could use QOS to prioritize, shape, police, etc the packets but if another networking device is dropping packets, then it is not going to make a difference and you are still going to have dropped packets.


Regards,

Arul


** Please rate all helpful posts **




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
ajagadee Tue, 10/31/2006 - 18:32
User Badges:
  • Cisco Employee,

Joe,


Depending upon the amount of traffic that you sending across the tunnel, the 1800 series router may or may not be the right fit. But, we need to find out whether the packets are getting dropped due to oversubscription of the link or due to the processing power of the router getting maxed out.


Below is the data sheet for 1800 fixed Model router and the performance number of IPSEC is 40 Mbps 3DES @ 1400 byte packets.


http://www.cisco.com/en/US/products/ps5853/products_data_sheet0900aecd8028a95f.html


BTW, you could use QOS to prioritize, shape, police, etc the packets but if another networking device is dropping packets, then it is not going to make a difference and you are still going to have dropped packets.


Regards,

Arul


** Please rate all helpful posts **




Actions

This Discussion