02-19-2013 08:44 AM
Hi,
I have an RV042 VPN tunnel with an RV082.
The RV042 has a public IP Address obtained by PPPoE, the RV082 has a public IP Address
obtained via Static IP.
The problem I see is a really slow performance. Both internet conections are idle and the performance
is about 2 or 3 kbyte/s
My question are if I should I enable any of this:
- Agresive mode
- NAT Traversal
- IP Compresion
- Dead Pear Detection
How can I troubleshot this slow performance?
Regards,
Oliver
Solved! Go to Solution.
02-19-2013 05:16 PM
Hi Olivers, the first thing I'd recommend is to do an on-net speed test and an off net speed test. Meaning, using a speedtest site from your ISP then a speedtest from an external site like speedtest.com. This will give you an idea how your internet is behaving for both sides.
The second I would do is try to lower the tunnel encryptions. As an example if your tunnel is des/md5 it should have extremely low overhead and should increase in performance.
Things such as NAT-T would not help, this is a technology to help map nat'd addresses. Dead peer detection (DPD) is a mechanism that purges the VPN policy after an amount of time when the other side is not detected. Aggressive mode may help out with some speed, it basically sends all negotiations in a 1 shot instead of several phases.
-Tom
Please mark answered for helpful posts
02-19-2013 05:16 PM
Hi Olivers, the first thing I'd recommend is to do an on-net speed test and an off net speed test. Meaning, using a speedtest site from your ISP then a speedtest from an external site like speedtest.com. This will give you an idea how your internet is behaving for both sides.
The second I would do is try to lower the tunnel encryptions. As an example if your tunnel is des/md5 it should have extremely low overhead and should increase in performance.
Things such as NAT-T would not help, this is a technology to help map nat'd addresses. Dead peer detection (DPD) is a mechanism that purges the VPN policy after an amount of time when the other side is not detected. Aggressive mode may help out with some speed, it basically sends all negotiations in a 1 shot instead of several phases.
-Tom
Please mark answered for helpful posts
02-20-2013 08:12 AM
Thanks Tom!
I checked the "AH Hash Algorithm" and selected SHA1 and that solved the problem.
I will test later to lower the encryptions, right now they are setup at AES/SHA1/1
Regards,
Oliver
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide