Low latency with VPN

peter.saldanha · ‎05-06-2005

Hi

I have established a site to site VPN between two pix 515 firewalls. I am facing a letency problem sometimes via this connection. When I ping end to end, I get slow response some time. Is there any way to tackle this?

spremkumar · ‎05-09-2005

hi

how do u measure the latency and wht do u meant by end to end in ur post ?

ru pinging from local lan pc to other ends local lan pc ?

whts the kinda connectivity avl between ur locations and how they r connected ?

if possible do post a schematic fig representing ur network..

regds

peter.saldanha · ‎05-10-2005

Hi

I have configured a PIX to PIX site to site VPN. I am getting a slower performance compared to if I configure site to site vpn via router to router connection. Is there any way I can improve the performance with PIX TO PIX.

ehirsel · ‎05-11-2005

What kind of connectivity is the service provider offering? If it is ADSL or some type of PPPoE/PPPoA then the max mtu size is 1492, not 1500. I suspect that most of the issues lie with path mtu discovery not working (or yielding incorrect values, such as a mtu of 1500 instead of 1492 when flowing over ADSL).

Another item to look at is the pix interface link speed and duplex settings. Insure that the pix interface and the switch connection port settings with regards to link speed/duplex are explicitly set to the same value on both ends - autonegotiate can cause problems and is not worth using in my opinion.

Let me know if this helps.