I have a weird situation. I have an ASA 5520 that is our VPN end point for staff connecting remotely using the Cisco VPN client. ASA 5520 is connecting to one of the interfaces on the ASA 5510 (firewall). 5510 is connected to the inside network.
Most staff members VPN in from home using a wireless connection on a LinkSys router (or a Netgear). Access Point has either WEP or WPA configured for encryption. When they try to open files on a network drive (mapped to a file server in the office) when connected thru the VPN, opening files is very slow. However when WEP or WPA encryption settings are removed from the access point, opening files on the same network drive is much faster. We've noticed this behavior for many people.
Any ideas on how to resolve this? Of course, it is not practical for us to ask staff members to remove encryption settings from their home access points.
The WEP/WPA encryption is only limited to traffic between the remote clients and their respective AP. Once the traffic leaves their AP towards the internet, there is absolutely no encryption! The only reason I think is happening is they are over-loading their access points because of the encryption overhead. CIFS by design was not meant to be used over the WAN, so its slow from the WAN irrespective of VPN,Wireless,WEP or WPA. These things just make it more 'slower'
Also try to enable 'service reset ..' command on the firewall if its already not there.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...