We have several remote offices connected to the HQ via PIX to PIX L2L Ipsec tunnels.
The remote offices are reporting performance issues. For diagnostics, I am using hrping.
During pings, I am getting a large number of ICMP Redirects
C:\Documents and Settings\hannibal>hrping pvl
This is hrPING v2.34 by cFos Software GmbH -- http://www.cfos.de
Pinging pvl [10.1.4.1]
with 64 bytes data (92 bytes IP):
Reply from 10.1.4.1: seq=0000 time=21.667ms TTL=128 ID=a97d
Reply from 10.1.4.1: seq=0001 time=21.583ms TTL=128 ID=a97f
Reply from 10.1.13.199: redirect for network; seq=0002 time=0.460ms
Reply from 10.1.4.1: seq=0003 time=21.449ms TTL=128 ID=a981
Sometimes redirects represent 50-70% of results.
The network is pretty simple. 10.1.13.199 is the gateway L3 switch (Cisco 3550-48 L3). It's default gateway is a PIX 506e (6.3(5)). The PIX does an IPSec VPN. The outside of the PIX connects with a 2611, connected to a T1.
No dual gateways or anything that could be causing ICMP Redirects.
Any ideas why I am seeing this?