Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Latency is high across the VPN Tunnel

My latency from one Cisco 1800 router is very high back to the main Cisco 1800.  When testing latency outside of the vpn, we have better response.  Is there anything I can do with the configuration?  Is there a way to narrow this down to the ISP?  I have an IPSec tunnel.  Routher has 12.3 IOS

Everyone's tags (1)

Re: VPN Latency is high across the VPN Tunnel


Can you post out a network diagram of the scenario which you were referring in your post?

It will be easier to understand the problem points and the bottlenecks with a diagram.


New Member

Re: VPN Latency is high across the VPN Tunnel

Remote location is a DSL internet connection and main office is a T1.  Remote location is about 900 miles from main office.  I have been having them do random pings to the main location on three devices:

Inside server at main location so the test is going across the VPN

Public DNS server (so packets are outside of the VPN)

Device at the remote location, to test out local LAN.

When the main office does the same test back to the remote location, our responses are better.  I hope this helps present the picture.  Here is the crypto & policy map:

crypto map ilcomn 1 ipsec-isakmp
  set peer
  set transform-set ESP-3DES-SHA
  match address 100
  qos pre-classify

policy-map QoS
  class ef
   priority 240 30000
  class af
   bandwidth 64
  class class-default
policy-map MQC
  class class-default
   shape average 1900000
   service-policy QoS

Hall of Fame Super Gold

Re: VPN Latency is high across the VPN Tunnel

"Very high" like how much?

What delay difference there is by pinging internal and external VPN address ?

New Member

Re: VPN Latency is high across the VPN Tunnel

From 200ms on up...even have hit 700 and above.

Internal LAN < 15 ms consistently.

It's when traffic is going through VPN, we have high numbers.