Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3303
Views
5
Helpful
5
Replies

Poor VPN Performance - Cisco RV220W and WRVS4400N Routers

Go to solution
Anup Sasikumar
Level 1
Level 1

‎10-29-2012 11:00 PM

Hi ,

At one of our client locations IPSec VPN is established between Cisco RV 220W and Cisco WRVS4400N Routers.

Router /VPN /ISP Details are as given below

Location A Location B

Internet Details

----------------------

Download : 6-10 Mbps
Upload     : 1-2 Mbps

Router Details

----------------------

Cisco RV220W

Firmware : 1.0.3.5


IKE Policy

Encryption : 3DES
Authentication : MD5
Group : Group 2
Key Lifetime : 28800 sec

VPN Policy

Encryption      : 3DES
Authentication : SHA-1
Group             : 1024 bit (Group 2)
Key Lifetime    : 3600 sec
Perfect Forward Secrecy : Enabled

Internet Details 

-------------------------

Download : 1.35 Mbps
Upload     : 1.24 Mbps


Router Details

----------------------

Cisco WRVS4400N

Firmware version : V2.0.1.3


Phase  1

Encryption      : 3DES
Authentication : MD5
Group             : 1024 bit (Group 2)
Key Lifetime    : 28800 sec


Phase  2

Encryption      : 3DES
Authentication : SHA-1
Group             : 1024 bit (Group 2)
Key Lifetime    : 3600 sec
Perfect Forward Secrecy   : Enabled

From the day the VPN was implemented, the performance was poor. Frequent disconnections of live sessions to VPN nodes and very low data transfer rates is been worrying users.

The Servers are in Location A and the users at Location B gets authenticated at DC Server in Location A

Terminal Server remote applications such as Quickbooks, QQ Evolution,Attendance RX are also being used from Location A by users in Location B

The login is time consuming and all the applications are extremely slow.

I tried to copy files between share folders in between two locations and the results are as follows

Location A to Location B -> 130Kbps to 140 Kbps

Location B to Location A -> 150Kbps to 160 kbps

What can be the problem for such poor VPN performance ? .

-Would changing the encryption settings to less secure DES /MD5 have any significant impact as it can reduce the overhead on the Routers ?

-Even though both the routers are SMB routers , it does have really good VPN throughput according to the data sheets. I could not find VPN throughput mentioned in WRVS4400N data sheet. I have also noted from one of the threads in CSC that the VPN throughput of WRVS4400N was mentioned really low as only around 1.6Mbps. (https://supportforums.cisco.com/thread/2107881)  Whereas  RV220W router has 90Mbps VPN throughput , according to the data sheet.

So what can be the exact cause of the issue and what can be the possible fixes?

Please help !

Anup Sasikumar

      

Newbie to Cisco VPN Router, please help

Regards,
Anup
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Te-Kai Liu
Level 7
Level 7
In response to Anup Sasikumar

‎11-04-2012 06:56 AM

RVS4000 was designed to operate in a small office. It supports 5 VPN tunnels with a maxium of 2 Mpbs throughput measured in a labs environment. It has a processor that has an integrated IPS engine, which could deliver 20 Mbps LAN-WAN throughput when IPS is enabled.

RV220W was deisgned to operate in a slightly bigger office with 25 IPsec VPN tunnels. It has a processor that has an integrated crypto engine that can deliver 90 Mbps of IPsec throughput. RV220W also supports 5 SSL VPN tunnels that can be used by employees or business partners for remote access.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Tom Watts
VIP Alumni
VIP Alumni

‎10-29-2012 11:15 PM

Judging from your location B details, I would say you're fortunate. 160 kbps is 1.31 mbit. That means the tunnel isn't penalizing your transfer rates. You can only operate at the fastest link.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Go to solution
Anup Sasikumar
Level 1
Level 1

‎11-04-2012 05:05 AM

Oh, Yes Yes. Thanks for pointing out. We are indeed getting the maximum available speed from the link right ? So I guess , upgrading the link speed at location B would provide better performance.

I have seen posts saying the maximum VPN throughput of Cisco WRVS 4400N is only around 1.6 Mbps. Is it so ? I could not find any reference to VPN throughput details in the specs / datasheets.


Sent from Cisco Technical Support Android App

Regards,
Anup
0 Helpful

Go to solution
Te-Kai Liu
Level 7
Level 7
In response to Anup Sasikumar

‎11-04-2012 06:56 AM

RVS4000 was designed to operate in a small office. It supports 5 VPN tunnels with a maxium of 2 Mpbs throughput measured in a labs environment. It has a processor that has an integrated IPS engine, which could deliver 20 Mbps LAN-WAN throughput when IPS is enabled.

RV220W was deisgned to operate in a slightly bigger office with 25 IPsec VPN tunnels. It has a processor that has an integrated crypto engine that can deliver 90 Mbps of IPsec throughput. RV220W also supports 5 SSL VPN tunnels that can be used by employees or business partners for remote access.

0 Helpful

Go to solution
Anup Sasikumar
Level 1
Level 1
In response to Te-Kai Liu

‎11-04-2012 09:37 AM

Hi Tekliu,

Thank you for providing the detailed information !

Is WRVS4400N Router in the same family as that of RVS4000 you mentioned ?

Regards,

Anup

Regards,
Anup
0 Helpful

Go to solution
Te-Kai Liu
Level 7
Level 7
In response to Anup Sasikumar

‎11-04-2012 10:41 AM

Yes, RVS4000 and WRVS4400N are in the same family.

0 Helpful
Customers Also Viewed These Support Documents