• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 662
  • Last Modified:

Slow response across IPSEC VPN tunnel

Hi,
I have a pix 506e at a remote location terminating a VPN tunnel to a Cisco concentrator 3015 which sits at our corp. offices. The site uses split tunneling so it only accesses the site across the tunnel for corporate traffic. They connect to a terminal emulating program, oracle through a web browser and e-mail via SMTP through the tunnel.

Periodically through out the day the remote end will experience extreme slowness. When I ping across the tunnel the response is 300ms or higher. If I ping the outside interface to check the internet side it pings at 83ms. Since the internet side is stable at 83ms it can't be the internet causing the slow down. I have had every single user in the remote location shutdown all computers and printers but it does not fix the problem they still run at 300ms. I have enabled logging to debugging, installed an SNMP monitor and watch the connections. I do not see anything out of the ordinary and I can't seem to find what is causing the tunnel to slow down to that extreme.

Any ideas?
0
krmis
Asked:
krmis
  • 4
  • 3
1 Solution
 
prashsaxCommented:
It could be due to processor overload at either PIX or Cisco concentrator.



0
 
krmisAuthor Commented:
I don't think it would be the concentrator because its does not happen to all sites at the same time.

As far as the pix how would I check if it was the processor would I just need to run the following command
show cpu usage or is there additional commands?
thanks
0
 
prashsaxCommented:
Yes,

For CPU
show cpu usage

For traffic(Just in case the Internet Bandwidth is being bottleneck)
show traffic

0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
krmisAuthor Commented:
Below is the out put from show traffic
how would I be able to tell if the internet bandwidth is being bottlenecked? What should I look for?
thanks



outside:
        received (in 164746.100 secs):
                402190 packets  192630649 bytes
                2 pkts/sec      1012 bytes/sec
        transmitted (in 164746.100 secs):
                383872 packets  62467026 bytes
                2 pkts/sec      14 bytes/sec
inside:
        received (in 164746.100 secs):
                417874 packets  56147600 bytes
                2 pkts/sec      1 bytes/sec
        transmitted (in 164746.100 secs):
                424749 packets  185104798 bytes
                2 pkts/sec      1019 bytes/sec

CPU utilization for 5 seconds = 0%; 1 minute: 0%; 5 minutes: 0%
0
 
prashsaxCommented:
At this time, it is normal.

Do you still get slow response.
0
 
krmisAuthor Commented:
Yes its normal at this time

How would I tell from the show traffic if its a internet bottleneck?
thanks
0
 
prashsaxCommented:
You need to check the bytes/sec stats.

Suppose if you have a 1Mbps link at this site.

The maximum throughput will be 131072 bytes/sec.
Now this figure is for received and transmitted both combined.

When you exp. slow perf. check these stats, add both and see if its close to the limit.


0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now