11-07-2010 12:35 AM
Hello
i have two branches connected over WAN connection (MPLS) using two 2921 routers.the connection is 2M.
i configured a VPN between these two sites, but after that the connection become very slow.
is there any thing i can do to accelerate the connection speed.
the VPN proposals are:
Phase 1 Proposals: 3DES, Preshared Key,
Phase 2 Proposals: esp-3des esp-sha-hmac
i dont think that lowering the Proposals security levels will add alot to the speed.....
Solved! Go to Solution.
11-07-2010 01:21 AM
hi Mahmoud,
one thing that you should definetly do is go hardware encryption if you are not already doing tht, it also reduces load on your cpu
other things you could try is playing around with mtu, depending on your line mtu and what application are mainly used. try to set the mtu to atleast 60 odd bytes lower than the line mtu and also sometimes server have recommended mtu settings like many server have mtu requirement to be 1300 or 1400, if it not that much it might result in lot of re transmissions, you can also try crypto pre-fragmentation
11-07-2010 01:21 AM
hi Mahmoud,
one thing that you should definetly do is go hardware encryption if you are not already doing tht, it also reduces load on your cpu
other things you could try is playing around with mtu, depending on your line mtu and what application are mainly used. try to set the mtu to atleast 60 odd bytes lower than the line mtu and also sometimes server have recommended mtu settings like many server have mtu requirement to be 1300 or 1400, if it not that much it might result in lot of re transmissions, you can also try crypto pre-fragmentation
11-07-2010 06:53 AM
i adjusted the MTU to be lower than the WAN link and it works.
Thank you
11-07-2010 05:02 PM
I am glad it helped
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide