BEFSX41 , RV042 and slow VPN performance

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by emsbronco, Jul 22, 2005.

  1. emsbronco

    emsbronco Network Guru Member

    I have set up the main office with a RV042 and 2 remote offices with the BEFSX41 and have configured the VPN and got them to function. The problem I am having is that the VPN is very slow.

    The primary office (with the RV042) is on DSL with 784/368 connectivity (static IP), one remote office is on DSL with 784/368 (dynamic IP) and the other remote office is on cable modem with 1 Mb/256 (static IP). Both remote offices are extremely slow when accessing data over the VPN. Web browsing and downloading is fine. As a quick test, I temporariliy opened a port at the main office and accessed from a remote offices (with the VPN turned off) and saw good speeds, so I believe the speed issue is due to the VPN config.

    I have read that MTU should be reduced to allow for VPN overhead. I have done that on the RV042 side, but I can not do that for the remote offices. The BEFSX41 has the MTU setting under the ISP information. When I change that from auto to any number, I lose all internet connectivity. When I change it back to auto, Internet connectivity returns. I have done a search and see that several people have posted about this MTU setting issue on other forums, but nobody seems to have a good answer except to set back to auto. I also read in several places that changing the MTU setting seems to only affect outgoing packets.

    I do not know what version firmware is on each (I have to get back into the office to see). But, I was hoping that someone here would have some ideas on what I can do to improve VPN performance and/or modify the MTU setting to help boost performance.

    Doing a few ping -l tests, it appears the best round trip times is around a packet size of 1150. Does this sound right?

    Thanks!
     
  2. Kompressor

    Kompressor Network Guru Member

    Of course it's slow. You're used to using a LAN running at 100Mbps, now you’re using a VPN running at either 368Kbps or 256Kbps.

    To improve performance, try getting a 100Mbps symmetric connection.
     
  3. emsbronco

    emsbronco Network Guru Member

    I completely understand the difference in speed between LAN and WAN connections.

    I tested speed by accessing the same file via FTP through the firewall (VPN turned off) and via the VPN connection and shared network location. The difference in speed was dramatic. I know it is not the best way to test, but the difference in speed is a lot more than what I expected from VPN overhead. I believe I have identified one source of slowness being the MTU.

    So, the root of my question was why can I not change the MTU on the BEFSX41 without losing Internet connectivity?
     
  4. TazUk

    TazUk Network Guru Member

    A firmware bug most likely.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice