Slow response across IPSEC VPN tunnel

Posted on 2006-06-22
Last Modified: 2008-03-10
I have a pix 506e at a remote location terminating a VPN tunnel to a Cisco concentrator 3015 which sits at our corp. offices. The site uses split tunneling so it only accesses the site across the tunnel for corporate traffic. They connect to a terminal emulating program, oracle through a web browser and e-mail via SMTP through the tunnel.

Periodically through out the day the remote end will experience extreme slowness. When I ping across the tunnel the response is 300ms or higher. If I ping the outside interface to check the internet side it pings at 83ms. Since the internet side is stable at 83ms it can't be the internet causing the slow down. I have had every single user in the remote location shutdown all computers and printers but it does not fix the problem they still run at 300ms. I have enabled logging to debugging, installed an SNMP monitor and watch the connections. I do not see anything out of the ordinary and I can't seem to find what is causing the tunnel to slow down to that extreme.

Any ideas?
Question by:krmis
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 13

Expert Comment

ID: 16960401
It could be due to processor overload at either PIX or Cisco concentrator.


Author Comment

ID: 16960457
I don't think it would be the concentrator because its does not happen to all sites at the same time.

As far as the pix how would I check if it was the processor would I just need to run the following command
show cpu usage or is there additional commands?
LVL 13

Expert Comment

ID: 16960521

show cpu usage

For traffic(Just in case the Internet Bandwidth is being bottleneck)
show traffic

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 16960557
Below is the out put from show traffic
how would I be able to tell if the internet bandwidth is being bottlenecked? What should I look for?

        received (in 164746.100 secs):
                402190 packets  192630649 bytes
                2 pkts/sec      1012 bytes/sec
        transmitted (in 164746.100 secs):
                383872 packets  62467026 bytes
                2 pkts/sec      14 bytes/sec
        received (in 164746.100 secs):
                417874 packets  56147600 bytes
                2 pkts/sec      1 bytes/sec
        transmitted (in 164746.100 secs):
                424749 packets  185104798 bytes
                2 pkts/sec      1019 bytes/sec

CPU utilization for 5 seconds = 0%; 1 minute: 0%; 5 minutes: 0%
LVL 13

Expert Comment

ID: 16960720
At this time, it is normal.

Do you still get slow response.

Author Comment

ID: 16961065
Yes its normal at this time

How would I tell from the show traffic if its a internet bottleneck?
LVL 13

Accepted Solution

prashsax earned 500 total points
ID: 16961272
You need to check the bytes/sec stats.

Suppose if you have a 1Mbps link at this site.

The maximum throughput will be 131072 bytes/sec.
Now this figure is for received and transmitted both combined.

When you exp. slow perf. check these stats, add both and see if its close to the limit.


Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question