[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

latency site-tosite after isakmp policy change

We did a policy change and changed it to

crypto isakmp policy 50
 authentication pre-share
 encryption aes-256
 hash sha
 group 2
 lifetime 86400

All these sites have cable or dsl business connections. We are experiencing increased latency with this new policy. We did have isakmp policy 10 on there with 3DES.  These devices are Pix506e's and some are ASA5505s.

Could the new policy change be the cause?
1 Solution
dissolvedAuthor Commented:
anyone? Can isakmp policies really dissolve bandwidth?
I wouldn't think it has an impact on bandwidth.  But it will certainly be more CPU intensive, and perhaps also memory (if the policy is picked).  Which in turn may affect the effective bandwidth through the device.

Have you checked the CPU/Memory loads on these rather small devices while running this VPN traffic?

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now