Re: Troubleshooting slow response to email via vpn
I'll tell you, I used to have the exact same problem at my last company.
We had an Exchange server for email and everyone used Cisco's VPN client.
Email was so slow, it was ridiculous sometimes. Everything else was OK, though. Other applications were OK, and network management was also good. It was just Exchange.
I know that Exchange is notorious for being delay intolerant, but this was bad! and it seemed to get worse with time.
Anyway, I dont know if you have done any troubleshooting yet or not, but you would definitely want to focus on the MTU settings for the VPN connection. Remember that IPSec adds overhead that may cause the ethernet frame to exceed the network's allowable MTU, so the packets get fragmented and reassembled at the receiving end. This can be a very slow process. And some applications are not very tolerant of fragmentation, like SQL and, I think, Exchange, too.
The problem with client VPN is that you would have to adjust each user's PC MTU. With site-to-site VPN, you can, of course, set the maximum segment size of the entire tunnel, so all users sitting behind the tunnel will be forced to conform to the tunnel's stips.
But you can try doing that on a few PCs to see if anything changes. I changed the PCs MTU using freeware called DR. TCP/IP. You can download it for free and it will allow you to change the PCs MTU very easily -- just a few keystrokes, instead of having to go into the registry and get stupid with Windows.
Change the output segment size for the PC to, say, 1400, and see if that improves anything. You would also want to change it on the 3000. I forgot how to do it on the 3000.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...