Hi, GTA Technical Support suggested I drop the MTU to 1480 or lower when I reported the VPN problem to them specifically with regards to trying to upload the latest runtime to the remote Gnatbox via GBAdmin. I had to experiment a bit to find that 1440 seems to work (at least for now). I also googled around some in order to find out what the heck MTU was in the first place (^_^).
I was worried that reducing the MTU would adversely affect my other VPN sites (where I did _not_ change the MTU from 1500) as well as local Internet browsing, but so far no ill effects have been noticed. If there had been any problems, I suppose I'd have to set up a second external interface, which I think would mean going to one of the high-end Gnatboxes. -- Edmond Inomoto > -----Original Message----- > From: Alastair Newman [mailto:[EMAIL PROTECTED] > Sent: Friday, April 30, 2004 7:21 AM > To: 'Edmond J. Inomoto' > Subject: RE: [gb-users] VPN Performance Throughput > > > Thanks very much for the information. > I was interested to know where you found out to set the MTU to 1440? > Thanks > > Alastair Newman > Network Analyst > Scott Brownrigg > > > -----Original Message----- > From: Edmond J. Inomoto [mailto:[EMAIL PROTECTED] > Sent: 29 April 2004 18:44 > To: Alastair Newman > Subject: RE: [gb-users] VPN Performance Throughput > > > Hi, > > Don't know if the issue is the same in your case, but I fixed a similar > problem by reducing the External Interface's MTU from the default 1500 to > 1440 on both VPN gateways. Try it & see if it makes any difference. > > -- Edmond Inomoto > > > > -----Original Message----- > > From: Alastair Newman [mailto:[EMAIL PROTECTED] > > Sent: Thursday, April 29, 2004 12:30 PM > > To: '[EMAIL PROTECTED]' > > Subject: [gb-users] VPN Performance Throughput > > > > > > Hey there > > > > I have two offices connected by GB1000s, both with 2Mbps fibre > > connections to the Internet. VPN configuration as follows... > > > > 5 #VPN to London > > Name: vpnobj5 > > Authentication required: no > > Gateway: EXTERNAL > > Force mobile protocol: no > > Local network: 10.0.0.0/16 > > Phase 1: main aes hmac-sha1 group 5 > > Phase 2: aes hmac-sha1 group 5 > > > > Network throughput between the two offices is relatively poor over the > > VPN, yet download speeds from the Internet at both sites is > > significantly better. > > I assume this is down to the Phase 1 and Phase 2 configuration > [levels of > > encryption etc]? > > > > Was wondering whether somebody could please advise me as to how I can > > increase the throughput while still retaining a solid level of > > security. Indeed, is this the best configuration at all? > > > > Thanks in advance > > > > Alastair Newman > > Network Analyst > > Scott Brownrigg > > > > > > ___________________________________________________________________ > > > > Scott Brownrigg Limited > > > > Registered in England No: 2800215 > > > > For information on Scott Brownrigg's email policy, click here - > > http://www.scottbrownrigg.com/contact/disclaimer.html > > > > For details of Scott Brownrigg's offices within the United Kingdom, > > click here - http://www.scottbrownrigg.com/contact/uk.html > > > > ------------------------------------------------------ > > To unsubscribe: [EMAIL PROTECTED] > > For additional commands: [EMAIL PROTECTED] > > Archive: http://archives.gnatbox.com/gb-users/ > > > > > ___________________________________________________________________ > > Scott Brownrigg Limited > > Registered in England No: 2800215 > > For information on Scott Brownrigg's email policy, click here - > http://www.scottbrownrigg.com/contact/disclaimer.html > > For details of Scott Brownrigg's offices within the United Kingdom, click > here - http://www.scottbrownrigg.com/contact/uk.html ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
