10-28-2009 04:28 AM
Good morning from Greeceâ¦
I am new to this forum and happy to see that I can find people that share their interest in networking⦠So I need your help-advice-opinion PLEASE give itâ¦
I have configured 2 Cisco 876 with an Ipsec tunnel (to communicate over dsl 24/1Mbps)
The matter is that I can ping the edge of my tunnels BUT when I try to copy from Win or ftp I get some errors (see the attachment)â¦and the transfer is TOO slowâ¦(I have no problem with www)â¦Please HELP meâ¦
My two networks are 192.168.1.0/24 and 192.168.2.1/24, I use static IPsâ¦
THANK you all
Attachments
1. sh run
2. sh dsl int atm 0
3. http://www.flickr.com/photos/44045127@N03/4049731432/
(link of the error while transfering)
10-29-2009 07:31 AM
Two remarks:
1: Your DSL only has an upstream bandwidth of 1Mb. This puts a limit on the VPN transfer speed.
2: You should modify the ACL's to accept all ip traffic from the VPN peer, not just a subset of protocols.
regards,
Leo
10-29-2009 08:32 AM
thank you Leo,
i know that i have this limited BW but i cant even achive 768kbit/sec while transfering
2. what do u mean?
i use the
access-list 110 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255 which allows everything... isnt it correct?
3.Do u know what may causes the error (see the link)
4. The mtu size on my Dialer should be 1492?
do u think the configuration is correct?
THANK YOU
10-30-2009 01:49 AM
Replace this:
access-list 102 permit ahp host R.R.R.R any
access-list 102 permit esp host R.R.R.R any
access-list 102 permit udp host R.R.R.R any eq isakmp
access-list 102 permit udp host R.R.R.R any eq non500-isakmp
with this:
access-list 102 permit ip host R.R.R.R host (your-public-ip)
MTU of 1492 should be fine.
regards,
Leo
10-30-2009 09:36 AM
Well,
My new configuration according to Leos advice is in the attachmentâ¦
I still have problem with the transfer I increased the throuput (but not yet to max) but I still get errors. Please check the linkâ¦thank you allâ¦
10-30-2009 09:42 AM
Well,
My new configuration according to Leos advice is in the attachmentâ¦
I still have problem with the transfer I increased the thgrouput (but not yet to max) and I still get errors. Please check the linkâ¦thank you allâ¦
REALLY THANK YOU FOR HELP
http://www.flickr.com/photos/44165167@N07/4058018945/
10-31-2009 03:22 AM
Sorry, this is the attachmnet of sh run, please check te error at http://www.flickr.com/photos/44165167@N07/4058018945/sizes/l/
thank you all
11-02-2009 04:52 AM
This may very well be what it says:
Please check the network adapter settings on the end-nodes to see if perhaps TCP-offload is configured there.
It is not likely that this problem is related to your config because the router typically operates at IP level (layer 3) and does very little with the rest of the packet.
regards,
Leo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide