Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
305
Views
0
Helpful
1
Replies

EzVPN Internet Issue

Go to solution
ivankalcho
Level 1
Level 1

‎10-28-2023 12:22 PM

 

I have an EzVPN server (ASR router) and client (889 router) set up with full tunnel. The tunnel establishes without any issues and I can ping the inside of the network at the server side and ping the internet through the tunnel, it resolves hostnames and NAT works fine. The issue is the internet is extremely slow and can’t open any websites, so it’s basically unusable. When looking at the virtual interface on the server side I see that the txload goes up to 255/255, so the interface gets overloaded for some reason. Any ideas?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ivankalcho
Level 1
Level 1

‎10-28-2023 01:07 PM

I figured it out, it was a fragmentation issue and I had to set the mtu to 1400 and set tcp adjust-mss to 1360 under the Virtual-Template interface.

interface Virtual-Template1 type tunnel
ip unnumbered Loopback10
ip mtu 1400
ip nat inside
ip tcp adjust-mss 1360
tunnel mode ipsec ipv4
tunnel protection ipsec profile ezvpn_ipsec_profile

View solution in original post

0 Helpful
1 Reply 1

Go to solution
ivankalcho
Level 1
Level 1

‎10-28-2023 01:07 PM

I figured it out, it was a fragmentation issue and I had to set the mtu to 1400 and set tcp adjust-mss to 1360 under the Virtual-Template interface.

interface Virtual-Template1 type tunnel
ip unnumbered Loopback10
ip mtu 1400
ip nat inside
ip tcp adjust-mss 1360
tunnel mode ipsec ipv4
tunnel protection ipsec profile ezvpn_ipsec_profile

0 Helpful
Customers Also Viewed These Support Documents