Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Slow conection between Netgear FVL328 VPNs 1

Status
Not open for further replies.
lorel

lorel

MIS
Jun 15, 2004
158
0
0
We have installed Netgears FVL328 Firewals betwen our main office (Were our main server is located) and our satelite office, we also have two employees working from home using the Netgear unit.
All the users have fix tpc/ip address provided by their ISP.
Problem: the communication is very slow the satelite office and the employees complain about the speed of the connection. We have checked the units and we can not seem to find were the problem resided.
The satelite office has two tunels set up with us, one is set as agresive mode and the other is as main. Both are slow.
Since I am not an expert in VPNs can someone give me and idea of were I should look?
 
Sort by date Sort by votes
Try adjusting the MTU settings on the PC clients.

Here's how to find the right MTU. While connected to the VPN, ping a server on your coporate network using the following command:
ping -f -l X a.b.c.d

To be clear the "-l" is a lowercase "L", not a number one. Replace the "a.b.c.d" with the IP address of your server. The "X" will be a number you will use to determine the MTU. For example, ping -f -l 1500 192.168.0.10. Start with 1500. If you get "Request timed out" or "Packet needs to be fragmented but DF set", try 1490. Keep decreasing the number by 10 until you get "Reply from a.b.c.d". Once you get replies, increase the number by 1 until you get a "timed out" or "fragement but DF set" error.

Take the highest number that got replies and add 28 to that to get the MTU. Set the MTU in the registry.

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\ (find your NIC interface)

Then add:

(DWORD) MTU=<MTU for your network card to the MTU you came up with>

Then disable automatic MTU discovery at:

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Add:

EnablePMTUDiscovery="0" (DWORD - boolean, valid settings are 0-->False and 1-->True)

Reboot.

Checkout DSL reports web site. Lots of good info about MTU
 
Upvote 0 Downvote
nsantin:
Thank you for taking the time to answer my question.

I have not tried as yet to make the changes you suggested, because I want to make sure you have all the information.

The VPM is setup Netgear to Netgear, there is no VPN client in any of the PCs, we also have a situation were conection to the internet is slow and this happens to all users.

I your answer is correct, would this means than I have to do the change to al PCs in my network? and What about our UNIX systems (SCO UNIX)? they also experience a slow connection.

Could it be posible the problem is in the actual setting of the firewall?

Thank you again

Joe
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jeepxo
  • Locked
  • Question
Sending data across 2 VPNS 1
Replies
4
Views
59
jeepxo
jeepxo
raist3001
  • Locked
  • Question
Creating an IPSEC VPN tunnel between 2 DLINK DSR-250 help
Replies
0
Views
52
raist3001
raist3001
lilsneaky
  • Locked
  • Question
VPN netgear FVS318
Replies
1
Views
44
Noway2
Noway2
Naujoks
  • Locked
  • Question
How are VPNs anonymous?
Replies
2
Views
36
Naujoks
Naujoks
isaacgrover
  • Locked
  • Question
Reverse engineering Netgear FVS318 config file
Replies
2
Views
34
dberg35
dberg35

Part and Inventory Search

Sponsor

Back
Top