05-12-2011 10:13 AM
Hello all,
Just wanted to see what you thought of this issue. I have a static IPSEC tunnel with an ASA 5510 (ASA 8.2) in my main location and an ASA 5505 (ASA 8.4) at a satellite office. The tunnel is up and works fine with everything else. Folder access is quick and RDP works with no issues. Now when I try to access a published web page at the main location from the satellite office, it comes up very slowly. We have 3 different web pages hosted on 3 different Windows 2003 servers and they are all slow. When I say slow, I mean it takes a good 30 seconds to load the first page.
I just cannot seem to isolate what this issue might be. I was thinking it might be a gateway issue, but not sure about that. One more thing to note is that if I VPN directly to the main office, the web pages work with no problems which also pointed me to a gateway configuration?
 
					
				
		
05-19-2011 04:05 AM
hi,
I suspect this could be a DNS issue, are there multiple DNS suffixes defined ?
Do you experience the same problem when using a ip address instead of a DNS name ?
Once the first page is loaded do further pages load fine without delay ?
I would also suggest getting a packet capture, so that you can see where is the initial delay :
05-19-2011 06:23 AM
Thanks for the advice. We actually finally figured it out. It seems to be an MTU setting on the ASA, but not just on one side. We changed the MTU
setting on the local ASA to 1460 and that did not resolve the problem. Once we changed the MTU setting on the other side of the VPN tunnel, all the issues with regards to hosted web pages through the tunnel were resolved.
I should note that we also had to change our other Cisco PIX/ASA devices to match that MTU setting in order for them not to show the slowdown as well.
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide