1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

BEFSX41 , RV042 and slow VPN performance

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by emsbronco, Jul 22, 2005.

  1. emsbronco

    emsbronco Network Guru Member

    I have set up the main office with a RV042 and 2 remote offices with the BEFSX41 and have configured the VPN and got them to function. The problem I am having is that the VPN is very slow.

    The primary office (with the RV042) is on DSL with 784/368 connectivity (static IP), one remote office is on DSL with 784/368 (dynamic IP) and the other remote office is on cable modem with 1 Mb/256 (static IP). Both remote offices are extremely slow when accessing data over the VPN. Web browsing and downloading is fine. As a quick test, I temporariliy opened a port at the main office and accessed from a remote offices (with the VPN turned off) and saw good speeds, so I believe the speed issue is due to the VPN config.

    I have read that MTU should be reduced to allow for VPN overhead. I have done that on the RV042 side, but I can not do that for the remote offices. The BEFSX41 has the MTU setting under the ISP information. When I change that from auto to any number, I lose all internet connectivity. When I change it back to auto, Internet connectivity returns. I have done a search and see that several people have posted about this MTU setting issue on other forums, but nobody seems to have a good answer except to set back to auto. I also read in several places that changing the MTU setting seems to only affect outgoing packets.

    I do not know what version firmware is on each (I have to get back into the office to see). But, I was hoping that someone here would have some ideas on what I can do to improve VPN performance and/or modify the MTU setting to help boost performance.

    Doing a few ping -l tests, it appears the best round trip times is around a packet size of 1150. Does this sound right?

  2. Kompressor

    Kompressor Network Guru Member

    Of course it's slow. You're used to using a LAN running at 100Mbps, now you’re using a VPN running at either 368Kbps or 256Kbps.

    To improve performance, try getting a 100Mbps symmetric connection.
  3. emsbronco

    emsbronco Network Guru Member

    I completely understand the difference in speed between LAN and WAN connections.

    I tested speed by accessing the same file via FTP through the firewall (VPN turned off) and via the VPN connection and shared network location. The difference in speed was dramatic. I know it is not the best way to test, but the difference in speed is a lot more than what I expected from VPN overhead. I believe I have identified one source of slowness being the MTU.

    So, the root of my question was why can I not change the MTU on the BEFSX41 without losing Internet connectivity?
  4. TazUk

    TazUk Network Guru Member

    A firmware bug most likely.

Share This Page