Cisco Routers :: RV042 To RV082 Tunnel / NAT-T And Slow Performance?
Feb 18, 2013
I have an RV042 VPN tunnel with an RV082.The RV042 has a public IP Address obtained by PPPoE, the RV082 has a public IP Address obtained via Static IP.The problem I see is a really slow performance. Both internet conections are idle and the performance is about 2 or 3 kbyte/s My question are if I should I enable any of this:
- Agresive mode
- NAT Traversal
- IP Compresion
- Dead Pear Detection
I'm experiencing quite a slow vpn performance. I've tested different scenarios.
* Windows XP with built-ín pptp client and Shrew ipsec client * Linux built-in pptp * wireless and wired connections
I never managed to go above 1MBps neither with windows or linux. I managed to go up to 3MBps using the Shrew client.I've also checked mtu settings and everything seems to be fine.
I'm experiencing quite a slow vpn performance. I've tested different scenarios.* Windows XP with built-ín pptp client and Shrew ipsec client* Linux built-in pptp* wireless and wired connections? I never managed to go above 1MBps neither with windows or linux. I managed to go up to 3MBps using the Shrew client.I've also checked mtu settings and everything seems to be fine.
It took me some time to get the load balancing (RV042 V3, v4.0.4.02-tm) working (my provider ist not returning any packets by the gateway ip on a ping). No I am ruinning into a performance issue. After activating PrtotectLink it takes a few hours or one or two days and the RV042 is reacting very slow. I need to reboot the RV042 and everything is ok again for some time ....Deactivating ProtectLink does not work only rebooting speeds the system up again.ProtectLink ist useless this way, anything I can do to get ProtectLink working?
I have 2 RV042 routers with identical firmware (1.3.13.02-tm) and settings. One router is a backup that sits in a box, but both experience this problem. The WAN port gives very poor performance most of the time. Download speeds range from normal, 25mb, to less than .5mb. Pings from my command prompt or the routers "Diagnostic" page, even to the cable modem, are almost always above 500ms. However, pings to internal resources are fast, usually under 5ms. If I connect my laptop directly to the cable modem I have no speed issues. The problem occurs whether I use WAN1 or WAN2.
If I restart the router, speeds are fine for a few seconds and then it begins to slow down like someone is turning down a dial. We also regularly experience a complete internet disconnect quite often, and when it happens, the ping results are the same when it comes back up, almost like the router is restarting itself. [code]
I'm trying to setup a VPN between an RV042 V3 and an RV082 V2 router. They get connected but no traffic gets through the tunnel. I tried with and without firewall,DPD, Keepalive, forward secrecy but nothing worked. What should I do? I don't want to throw out the V2 routers. V3 to V3 connects fine.
We have offices in USA and Venezuela.In our USA office we have a RV042 router and in Venezuela we have a RV082 router.We have connected a VPN tunnel (gateway-to-gateway) between both offices.
The point is:How could we redirect the internet traffic from our Venezuela office (RV082) to the USA Office (RV042) to navigate using USA public IP's?
The reason for this is that we need to use online streaming services which are only available for IP's from USA and we can't use them from the Venezuelan IP's.
We can not use the PPTP option since the equipment which will use the streaming services (like hulu, crackle, etc.) in Venezuela is a Google TV device which doesn't allow the configuration of proxy navegation or PPTP VPN connections itself. That's the reason why we need to do that through the routers.
I have an RV082 and a RV042. I have been able to successfully establish a gateway to gateway vpn connection between them both, but both Routers unable to ping each other and I can't remotely administer each router through the VPN connection.
I have RV042 V01 and V03 and RV082 V03.I'm wondering if there's a difference between the default actions taken by the "Logs" interfaces?
In the case of the V01 systems, it appears that I get a Security Notification every hour.In the case of the V03 system, it appears that I rarely get a Security Notification.
I have a RV082 v2 with Firmware 2.0.2.01-tm with a Site-to-Site VPN to a Cisco ASA5510.
The PCs behind the RV082 can not see two webservers behind the ASA5510. Both servers have full DNS registration and are accessable from other sites with RV042 routers.
VPN tunnel backup is not available on the RV016 firmware version 4.0.2.08 (it IS on the RV082. The data sheet and the manual for the RV016 is wrong. I have purchased several RV016 hardware V3 and several RV082 hardware V3. Both have the same current firmware version. We have noted that the RV016 does not have the VPN tunnel failover option found in the RV082. It also does not have split DNS (noted in the manual. A I would have thought that the firmware would provide equal options on the RV042, RV082, and RV016.
I have a RV082 that has an issue keeping an IPSEC Gateway to Gateway VPN running from itself to our ASA 5510. At 8 hours of connectivity (I can almost set a clock to it) the Tunnel will say it is connected on the RV082 but on the ASA 5510 the tunnel is not up.
If I click on disconnect on the RV082 under the VPN Summary page things will come back up. from the ASA 5510 side there is nothing I can do to get things back (ping inside "vpn network" or even trying to make a connection to a networked VPN machine).
To make things more complicated I have another VPN on the RV082 to a PIX 506e that works with no issues. I also have another RV082 at another location with the same settings that keeps its tunnel with the ASA 5510 with out any issue. Some things I have tried to try and fix the issue are:
I upgrade the firmware on the Rv082 V3 from 4.0.0.7-tm (what it was shipped with) to 4.1.1.01-sp) - This seemed to have no effect.
on the RV082 I have changed the MTU from automatic to 1428 and 1452 - all this does is make the connection to the PIX 506e unstable like it is for the ASA 5510 I have changed this back to automatic.
since the time of stability seems to be 8 hours I have changed the "Phase 1 SA life time" and "Phase 2 SA life time" to 28800 both at the same time and individually - This seemed to have no effect.
The current configuration on the RV082 are: Local security gateway type: IP Only IP address: (local ISP provided static IP address)
i have an ipsec tunnel between two rv082 routers. (1 v3 Hardware and the other with v2). On both devices are the latest firmware installed.
Everything working fine, the routers establish an ipsec connection but after about two hours, the router with hw version 3 freezes.... nor the wan neither der lan interface is pingable. I can only pull out the power cord. Below attached are the ipsec settings. It´s a Gateway to Gateway connection
I'm using a RV082 with latest firmware v4.0.4.02tm in one of our branch offices. Sometimes the tunnel to the main office (IPCOP 1.4.21) fails. Both sides display the status "tunnel connected" but IP traffic doesn't go through. If i try to ping the main office using the RV082 diagnostic feature, the RV082 seems to run into a loop...the window continues refreshing without any error message and i'm not able to cancel the test. If I restart the RV082 using the web interface, the "diagnose" and VPN problem still exists, even if the web interface told me that the device did a restart.
The only solution is to to a cold restart of the RV082. After that, the VPN tunnel works again....
This problem occurred 3 times in the last 3 weeks. I never hat this problem with previous firmware versions at this ot other sites.
I've been having trouble with the internet connection speed on my Mac. I originally noticed the problem when my mail kept timing out whenever I sent an attachment, I went to different forums trying to find the solution but nothing really worked, so I found work arounds for the email and lived with it. Recently the company I work for moved offices and I was no longer behind the RV082 and my internet ran better dispite the slower connection. Once we finished moving, I needed to use the Dual Wan Load Balance feature of th RV082 so I set it up in the new office and my internet was slow again. Unfortunatly in the new office there are several more Macs than just mine so I really need to get it working. Currently we have 2 seperate networks for PC and Mac and I really need to get them on 1. Is there a setting I may have overlooked or is it not going to work with Mac.
We have tried a variety of options in an attempt to use Load Balancing (Protocol Binding) with an RV082 that has a site to site IPsec tunnel with another RV082. Both are v3.
Here is the issue. We have dual ISPs, one has great bandwidth, but we incur overages. The other has mediocre bandwidth, but has unlimited usage.
GROUP1 - We want most PCs to use the "unlimited" ISP for general surfing, email, etc. (Bound all ports for range of internal IPs to ANY dest to WAN1)
GROUP2 - We want to use the "faster" ISP for our VPN tunnel (mostly RDP and SIP traffic). (Bound all ports for range of internal IPs to ANY dest to WAN2)
So far everything works. The router will route traffic appropriately and GROUP 1 uses WAN1 and GROUP 2 uses WAN2.
Unfortunately, sometimes GROUP1 users need access to resources over the VPN (WAN2).
There is something not right with the routing. For example GROUP1 can ping and receive responses from devices on the other side of the tunnel, but GROUP1 can't access intranet sites on the other side of the tunnel. They also can't RDP to PCs on the other side of the tunnel.
Why does the router correctly route ICMP, but not RDP?
We've tried adding additional protocol binding rules for specific ports(80, 3389, etc) and ip ranges (both local and remote) to see if we could force GROUP1 traffic destined via VPN through WAN2, but it doesn't work.
Shouldn't VPN tunnels created and configured in the RVs not adhere to protocol binding? It just seems logical to me, but maybe I am missing something.
office 1 : rv042 hw3 ISP:Obtain an IP automatically
office 2 : rv042 hw3 ISP:PPPoE
VPN tunnel between both rv042, everything's fine but when i try to ssh from office 2 to an office 1's server, my connection drops.
When it drops, i can still ping pc in office 1, this is really strange!if i change the office 2 ISP to another provider (obtain an IP automatically) everything's ok !
i try to use another PPPoE ISP for office 2 and it's doing the same thing!I've also tried other rv042 in both locations with the same setup and it's doing the same thing, so it's not a router issue.
i've tried older firmware and it's doing the same thing, so it's not a firmware issue!
I have configured a VPN tunnel between two remote locations using static IP addresses on two RV042 routers. The tunnel seems to work but the problem is that when the two hosts attempt to ping each other only one can successfully ping. One PC with IP address 192.168.1.100 can ping across the network but the second PC with IP address 192.168.2.100 cannot. These are laptops seperate from the intranet used to test the tunnel. Someone had suggested NAT may be the issue so I enabled NAT Transverse on the routers but still no luck. The following is the results from a ping test.
PC 1 ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 time=116ms TTL=63 [Code] ......
We have 4 RV 042 routers and cisco router at HQ, we have Site to Site VPN tunnels in between, All branch offices are connected to HQ via S2S VPN tunnels
now lets say i am branch 1, i can access 10.10.1.0/24 network but cant access 10.10.5.0/24 network, means i dont have branch to branch connection, it should be through HQ, means my RV042 at brnach should fwd all traffic to HQ for another branches also. Under VPN tunnel if i try to configure remote destination 10.10.0.0/21 its not allowing me it says network overlaping with local network, how i can sole it, I know how to do in cisco, we can permit those networks in access lists.
I was hoping that the latest firmware would fix my (2) 'bugs', but it did not. We are using the RV042s at our remote medical clinics as an end-point VPN router to our Nortel 1700 VPN router, replacing our old Nortel Contivity 100s.When I try and do a reset when connected remotely via the WAN interface, the RV042 hangs and will only reset by re-powering.
Im able to create a gateway tunnel with two rv042 routers in different locations ( i can see the tunnel connected in the router) but the quick vpn utility is not working , i also tried to use the pptp as server as an alternative( im able to connect using windows connection to the pptp server but whenever I browse any of the four ip's allowed for the pptp server \10.0.0.200-204 it takes me to the documents of the local computer....I attached the configuration for one of the routers it is the same as the other end , just the information is flipped.
After upgrading the firmware on my RV042 router to version 1.3.13.02-tm, I am experiencing very slow Internet response on most sites. In some instances, when the page does load, it lacks many graphics. Frequently, I also receive a "server not found"error. In all cases, reloading the page (once it has loaded) results in a complete page display. This is occuring on two MacBook Pros and also on an iPad. The router is a version 1, so no further upgrades are available. I contacted support, but since it is out of warranty, they are unwilling to assist. Prior to the upgrade, everything worked fine, as it has for 5 years.
I recently inherited a small network. There is an existing 1.5mbps Internet connection (fa0/0) (includes MPLS as well/same provider). We added a new ISP that allows for 50mb down/5mb up. I added the new ISP to fa0/1 and modified the NAT overload statements accordingly. I alo changed the default route to ONLY use the new, faster ISP connection. Using speedguide.net, I am only able to get 6 to 10mb down, most of the time. if I plug a laptop into the cable modem then I get 37 to 50mb down. Why the 2811 is so slow?
I have attached the config and various show outputs (nat, sh ver, memory, etc.). the file called "latest logs" contains a "sh ip traffic, sh int switching and a sh proc cpu sorted". [code]
I am currently using Netgear FVS338 Routers / VPN Devices in 3 different locations and honestly I am not happy / impressed with them whatsoever.I have been doing some research and came across the Linksys RV042 and RV082 devices that caught my eye. The question is what is the VPN throughput of these devices?I have gone over the website, spec sheets and they only really say the throughput of the LAN Links and not the WAN Links. I currently have very reliable 20Mb+ Synchronous connections between all 3 sites and have not been able to get any good performance out of the Netgear devices and contacting their support is a joke. They can't tell you anything other than it should work or we will swap out the unit. Well if I have 3 of them that have been purchased at all different times I don't believe that they are all having the same issues. What these units 3DES VPN Throughput and will more than likely be purchasing 3 of which ever once suits our needs immediately.
i am feeling an issue related to 2 x 6509 with fwsm.
Mod Ports Card Type Model --- ----- -------------------------------------- ------------------ ----------- 1 6 Firewall Module WS-SVC-FWM-1 2 48 CEF720 48 port 1000mb SFP WS-X6748-SFP 3 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX 4 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX 5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G
Hw Fw Sw Status ------------ ------------ ------- 4.3 7.2(1) 4.1(2) Ok 1.12 12.2(14r)S5 12.2(33)SXH3 Ok 3.0 12.2(18r)S1 12.2(33)SXH3 Ok 3.0 12.2(18r)S1 12.2(33)SXH3 Ok 2.1 8.5(2) 12.2(33)SXH3 Ok
on fwsm we have different dmz for different application. mostly of Oracle (1521 port) to application means seperate one. problem is oracle people reported the slow performace when exporting dump from once vlan to another. before that they are using 3com technology (network) and on this its ok. time difference is double from old to new.
i had sniffed the traffic also and found alot of TCP OUT OF ORDERS errors. i read that this is the bug which is resolved in 4.0.
my switches layer 3 intervlan routing performance is dropping.What would cause this performance drop? I am not pummeling the switch with massive transfers constantly like an enterprise envirnoment would do or a colo center. [code]...
