09-13-2018 08:51 AM - edited 02-21-2020 08:14 AM
Hello,
We've been having an issue with one of the IPSec Tunnels where the tunnel would stay up but becomes congested which causes significant traffic delays and latency. The only way to resolve the issue is if we reset the tunnel on one of the ends(i.e. Site A). I've been trying to search for information to explain why the tunnel would become congested, what commands to use to diagnose the congestion issue, and how to resolve such issues.
I appreciate the assistance.
Best, ~sK
09-13-2018 09:04 AM - edited 09-13-2018 09:09 AM
Hi,
When you say congested that would imply that a lot of traffic is going over the VPN tunnel, you probably need to increase the bandwidth or use QoS to shape the traffic. You can use netflow in order to identify the top talkers (source/destination) and define QoS policies from there.
Assuming it's you are using an ASA the command "show local-host detail" would give use some information on the hosts and the number of connections, traffic etc.
HTH
09-13-2018 09:35 AM
Thanks for your input and suggestions. Yes, we're using ASAs. The command you provided is very helpful.
Much appreciated.
Best, ~zK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide