VPN between Cisco 1812 and Linksys RV082

[tangostar]

I have a VPN established between a Cisco 1812 and a Linksys RV082.

It is established but it doesn't have very good preformance. Some applications will not work through it and printing is slow between sites.
I also believe that the packets are fragmenting.


!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname proxy
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$5GmN$XINis9FFru4jcQhx7yW/o.
enable password 7 082D45400C59151B13051814387B
!
no aaa new-model
!
resource policy
!
clock timezone UTC -5
clock summer-time UTC recurring
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip tcp synwait-time 10
no ip bootp server
ip name-server 64.201.167.193
ip name-server 207.54.98.226
ip name-server 209.162.224.10
ip name-server 209.162.224.2
ip ssh authentication-retries 2
ip ips sdf location flash://128MB.sdf autosave
no ip ips deny-action ips-interface
ip ips notify SDEE
ip ips name sdm_ips_rule
!
vty-async
!
crypto pki trustpoint TP-self-signed-2068113186
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2068113186
revocation-check none
rsakeypair TP-self-signed-2068113186
!
!
crypto pki certificate chain TP-self-signed-2068113186
certificate self-signed 01
3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32303638 31313331 3836301E 170D3035 31313134 30373231
35325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30363831
31333138 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CD68 EA36AF40 E26215F8 BBA7F05B 6CC09425 2A5B447D F88D62DC 04EC3DDC
5666D3D5 0D43DB16 D645A57D BCFD9CD7 BCC8E066 41B2D22D 8C8B4233 D45D899B
726D943B 1408A457 BFCB349B BA110880 D8869677 AE9963CE 039BEC83 0A75ADC5
EBB52CAF 6C862A5F F2573603 912DC2AB 70564111 E954825F 27CA399B C4E7DAE4
AA110203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF 301E0603
551D1104 17301582 1370726F 78792E70 6C616E74 70726F64 2E636F6D 301F0603
551D2304 18301680 142B349C 09ACFB15 F0F066AF 1389DF13 52EBD676 EC301D06
03551D0E 04160414 2B349C09 ACFB15F0 F066AF13 89DF1352 EBD676EC 300D0609
2A864886 F70D0101 04050003 81810075 CF3C032C 6ACADD44 2CA839B9 75C3E790
52FAEADB 4AFF5C32 EE7A4700 4C1C0440 6D44D260 3B45107B 1ACE2D45 04296988
57DBAE7F 6816EBEF B7F505E5 234F66AE E8FBEBF0 80048B27 5EFF2965 F7277175
F3B7115E D7B69667 2CDA197C 7D930C23 3C3FF0E6 FDD3F8F9 4B2B6265 0D98F978
3CE51C6B C170CC2A 8D2CA7BA 38DD33
quit
!
no spanning-tree vlan 1
username admin privilege 15 secret 5 $1$1ddfdfD/i$BlF.IypwracdyNKRoLtDjhH/
!
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 28800
!
crypto isakmp policy 2
encr 3des
authentication pre-share
group 2
lifetime 28800
crypto isakmp key plantpr0 address xxxxxxxxxxxx no-xauth
crypto isakmp key plantpr0 hostname xxxxxxxxxxxxx no-xauth
crypto isakmp invalid-spi-recovery
!
!
crypto ipsec transform-set 3des_md5 esp-3des esp-md5-hmac
crypto ipsec transform-set 3des_sha esp-3des esp-sha-hmac
!
crypto map quebec local-address FastEthernet0
crypto map quebec 1 ipsec-isakmp
description Tunnel to Alpine crypto-map
set peer xxxxxxxxxx
set transform-set 3des_md5
match address 100
crypto map quebec 2 ipsec-isakmp
description Tunnel to Laval crypto-map
set peer xxxxxxxxx
set transform-set 3des_sha
match address 102
!
!
!
interface Tunnel0
description tunnel to Alpine
no ip address
ip mask-reply
ip nat inside
ip virtual-reassembly
tunnel source xxxxxxxxxx
tunnel destination xxxxxxxxxxx
crypto map quebec
crypto ipsec df-bit clear
!
interface Tunnel1
description tunel to Laval
no ip address
ip mask-reply
ip directed-broadcast
tunnel source xxxxxxxxxxxx
tunnel destination xxxxxxxxxxxx
crypto map quebec
!
interface BRI0
no ip address
shutdown
!
interface FastEthernet0
description Terago$FW_OUTSIDE$$ES_WAN$$ETH-WAN$
ip address xxxxxxxxxxxx 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip ips sdm_ips_rule in
ip virtual-reassembly
speed 10
full-duplex
crypto map quebec
crypto ipsec df-bit clear
!
interface FastEthernet1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$ES_LAN$$FW_INSIDE$
ip address 10.0.0.6 255.255.255.0
ip mask-reply
ip directed-broadcast
ip nat inside
ip virtual-reassembly
!
ip classless
ip default-network 10.0.0.0
ip route 0.0.0.0 0.0.0.0 xxxxxxxxxxxxxx permanent
ip route 10.0.0.0 255.255.255.0 Vlan1 permanent
ip route 192.168.0.0 255.255.255.0 Tunnel1 permanent
ip route 192.168.123.0 255.255.255.0 Tunnel0 permanent
!
!
ip http server
no ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source route-map SDM_RMAP_2 interface FastEthernet0 overload
ip nat inside source static tcp 10.0.0.40 80 xxxxxxxxxxxx 80 extendable
ip nat inside source static tcp 10.0.0.40 443 xxxxxxxxxxxxx 443 extendable
ip nat inside source static tcp 10.0.0.2 1723 xxxxxxxxxxxx 1723 extendable
ip nat inside source static tcp 10.0.0.39 22 xxxxxxxxxxxxx 22 extendable
ip nat inside source static udp 10.0.0.39 22 xxxxxxxxxxxxx 22 extendable
ip nat inside source static tcp 10.0.0.39 80 xxxxxxxxxxxx 80 extendable
ip nat inside source static tcp 10.0.0.39 443 xxxxxxxxxxxxx 443 extendable
ip nat inside source static tcp 10.0.0.21 22 xxxxxxxxxxxxxx 22 extendable
ip nat inside source static tcp 10.0.0.21 25 xxxxxxxxxxxxxxxx 25 extendable
ip nat inside source static tcp 10.0.0.4 80 xxxxxxxxxxxxxxx 80 extendable
ip nat inside source static tcp 10.0.0.4 110 xxxxxxxxxxxxxxxx 110 extendable
ip nat inside source static tcp 10.0.0.4 443 xxxxxxxxxxxxxxx 443 extendable
ip nat inside source static tcp 10.0.0.8 1494 xxxxxxxxxxxxxx 1494 extendable
ip nat inside source static tcp 10.0.0.8 2598 xxxxxxxxxxxxxxx 2598 extendable
ip nat inside source static tcp 10.0.0.15 80 xxxxxxxxxxxxxx 80 extendable
!
logging trap warnings
logging 10.0.0.15
access-list 100 remark Alpine Access List
access-list 100 permit ip 10.0.0.0 0.0.255.255 192.168.123.0 0.0.0.255
access-list 100 permit gre 10.0.0.0 0.0.255.255 192.168.123.0 0.0.0.255
access-list 101 remark Deny Local IPs in through External Access List
access-list 101 remark SDM_ACL Category=18
access-list 101 deny ip 10.0.0.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 10.0.0.0 0.0.0.255 any
access-list 102 remark Laval Access List
access-list 102 permit ip 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 permit gre 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 permit esp 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 permit udp 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 permit tcp 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255
snmp-server community public RO
no cdp run
!
route-map SDM_RMAP_2 permit 1
match ip address 101
!
!
!
!
control-plane
!
banner login Authorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!
!
line con 0
transport output telnet
line aux 0
login
transport output telnet
line vty 0 4
password 7 0785644D401D091718
login
!
scheduler allocate 4000 1000
scheduler interval 500
end