Cisco Support Community

No bandwidth savings realized when cRTP is used across an IPSec VPN

Core Issue

Compressed Real-Time Protocol (cRTP) and IPSec are not compatible. As a result, bandwidth savings do not accrue and fewer voice calls are supported across a WAN link. If the network designer is not aware of this limitation and has not implemented any Connection Admission Control (CAC), the result may be synthetic voice or choppy voice.


Network managers implement cRTP as a link efficiency mechanism to decrease the overhead of voice traffic on low speed (less than E1) links. cRTP compresses the IP, User Datagram Protocol (UDP) and RTP header in an RTP data packet from 40 bytes to approximately two to five bytes. However, cRTP and IPSec are inherently incompatible standards.

The original IP, UDP and RTP header is encrypted by IPSec by the time the RTP compressor is called upon to perform the compression. Therefore, cRTP cannot associate the encrypted IP, UDP and RTP packet with a known media stream, compression does not occur and bandwidth savings are not realized. The encrypted IP, UDP and RTP packet simply bypasses the compression process and continues.

For more information on synthetic voice and choppy voice, refer to Recognizing and Categorizing Symptoms of Voice Quality Problems.