Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

L2L Tunnel w/o Hardware Accelerator Issue


A confusing matter is occuring and here is the scenario:

I have two PIX-515E-R units with a L2L IPSec tunnel established. One of them is in the UK and the other one is in Jordan (Middle East); the Internet link in the UK is super fast but the link in Jordan is only 512Kbps. Everything was running fine till we increased the number of users in the branch office where the tunnel performance got worse. When we PING through the tunnel we get delay figures between 500-1200 mS but when we PINg an extrnal IP (sitting in the same location in the UK) from the same machine in Jordan it ranges between 100-150 mS and this is a big difference.

What I can see is that it's only when we go through the tunnel, the delay figures will shoot very high. The only thing that is coming through my mind is the lack of hardware acceleration on both PIXs but again I contradict with myself since the link is only 512Kbps and the CPU utilisation on both PIXs is never above 10%.

Any ideas or recommendations ???



New Member

Re: L2L Tunnel w/o Hardware Accelerator Issue

Sometimes URL filters enabled on the PIX might cause delay.Try disabling it and see how it works.If URL filter needs to be enabled it can be done using Websense server.