Vigor 2820Vn (3.2.1) 211801_A Annexe A

Problem:
Running Cisco VPN client 5.0.00.0340 on corporate laptop connects VPN ok but large file transfers fall over/ loose remote drive on distant server, also Lotus Notes connects on line and mail can be read but replication task fails. Both faults occur despite VPN tunnel remaining open using IPsec over UPD(NAT/PAT) with transparent tunnelling selected.

All other WAN activity, non VPN FTP uploads/ down loads and VOIP traffic are stable.


Solution:
Do not select UDP FLOOD DEFENSE on Denial of Service set up. Changing Threshold packets /sec and time out in stages made no difference up to 500 packets/ sec and 20 second time out.

All other DoS options are selected.



Future test: Threshold settings/ time out settings to limits to see if some value of DoS can be used with VPN.

Yeeeeeeeehaaaaaa

Bless you Bless you Bless you

It fixed it, three days of merry hell working this one through.

Weird effects - upstream fine, web dls inside VPN some good/some bad.

The whole thing was just crazy.

Thanks for the wisdom, can put away the Billion router now

Mike

Yeeeeeeeehaaaaaa

Bless you Bless you Bless you

It fixed it, three days of merry hell working this one through.

Weird effects - upstream fine, web dls inside VPN some good/some bad.

The whole thing was just crazy.

Thanks for the wisdom, can put away the Billion router now

Mike

Just an update to say that I am now on ver 3.3.3 and this work around is still required. Found out when I set all defense to "on" by mistake.

Still not tested the rate settings.

For 2 weeks (since server breakdown over Christmas!) I have struggled with synch conflicts with our remote server (which we are now using to replace the local one). This suggestion appears to have solved the problem - many thanks for sharing this one!

Similar issues with my Cisco client were down to the MTU defaulting to 1500. The Cisco client came with a Set MTU tool, change it to 1300 on the relevant interface and it works fine. Note that you set it on a per interface basis, so if you have an Ethernet connection and a WiFi connection, remember to do it on all the ones you use.