1720 with CBAC and VPN connection via ethernet outside to the internet
For a vpn connection we have a 1720 with CBAC connected to the internet via an ethernet interface to an SDLC modem (2Mbit/s). Activating a full set of inspection rules performance to the internet slows down from 200 kByte/s to 2-5 kByte/s, many timeouts and output errors on the ethernet interface occur.
Omitting the http inspection, performance returns to 200 kByte/s, with less output errors and timeouts.
This happened with images from 12.1-5YB1 to 12.2-4.T1. This problem is at TAC since Nov. 2001 and no solution up to now.
Does anybody an idea about this problem or does anybody experience this problem too?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...