Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 647
  • Last Modified:

Slow response across IPSEC VPN tunnel

Hi,
I have a pix 506e at a remote location terminating a VPN tunnel to a Cisco concentrator 3015 which sits at our corp. offices. The site uses split tunneling so it only accesses the site across the tunnel for corporate traffic. They connect to a terminal emulating program, oracle through a web browser and e-mail via SMTP through the tunnel.

Periodically through out the day the remote end will experience extreme slowness. When I ping across the tunnel the response is 300ms or higher. If I ping the outside interface to check the internet side it pings at 83ms. Since the internet side is stable at 83ms it can't be the internet causing the slow down. I have had every single user in the remote location shutdown all computers and printers but it does not fix the problem they still run at 300ms. I have enabled logging to debugging, installed an SNMP monitor and watch the connections. I do not see anything out of the ordinary and I can't seem to find what is causing the tunnel to slow down to that extreme.

Any ideas?
0
krmis
Asked:
krmis
  • 4
  • 3
1 Solution
 
prashsaxCommented:
It could be due to processor overload at either PIX or Cisco concentrator.



0
 
krmisAuthor Commented:
I don't think it would be the concentrator because its does not happen to all sites at the same time.

As far as the pix how would I check if it was the processor would I just need to run the following command
show cpu usage or is there additional commands?
thanks
0
 
prashsaxCommented:
Yes,

For CPU
show cpu usage

For traffic(Just in case the Internet Bandwidth is being bottleneck)
show traffic

0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
krmisAuthor Commented:
Below is the out put from show traffic
how would I be able to tell if the internet bandwidth is being bottlenecked? What should I look for?
thanks



outside:
        received (in 164746.100 secs):
                402190 packets  192630649 bytes
                2 pkts/sec      1012 bytes/sec
        transmitted (in 164746.100 secs):
                383872 packets  62467026 bytes
                2 pkts/sec      14 bytes/sec
inside:
        received (in 164746.100 secs):
                417874 packets  56147600 bytes
                2 pkts/sec      1 bytes/sec
        transmitted (in 164746.100 secs):
                424749 packets  185104798 bytes
                2 pkts/sec      1019 bytes/sec

CPU utilization for 5 seconds = 0%; 1 minute: 0%; 5 minutes: 0%
0
 
prashsaxCommented:
At this time, it is normal.

Do you still get slow response.
0
 
krmisAuthor Commented:
Yes its normal at this time

How would I tell from the show traffic if its a internet bottleneck?
thanks
0
 
prashsaxCommented:
You need to check the bytes/sec stats.

Suppose if you have a 1Mbps link at this site.

The maximum throughput will be 131072 bytes/sec.
Now this figure is for received and transmitted both combined.

When you exp. slow perf. check these stats, add both and see if its close to the limit.


0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now