Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Slow Cisco Vpn performance!
From: Jay Tumas <jay_tumas () HARVARD EDU>
Date: Wed, 26 Sep 2007 13:52:45 -0400

Which Cisco VPN Concentrator - The 3000 series or the ASA?

J

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jay Tumas - BSEE, NSA/IAM&IEM
                      ~~~~~~~~~~~~~~~~~~~~
- Network Operations, Security and Incident Response Team Manager
- Longwood Medical Area Technical Subcommittee Chair
- Boston Infragard Members Alliance, Executive Board Member
                      ~~~~~~~~~~~~~~~~~~~~
       Harvard University - UIS/Network Operations Center
                  60 Oxford Street, Suite 132
                      Cambridge, MA. 02138
                      ~~~~~~~~~~~~~~~~~~~~
       Office: 617-496-8500  Mobile Device: 617-733-6169
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"The first method for estimating the intelligence of a ruler is to look at the men he has around him." - Niccolo Machiavelli



Christian Hroux wrote:

Hello !

We use Cisco VPN concentrator and most employees use the vpn with their own pc at home. This might be a security risk and also a situation much harder to support but we mitigate de risk by limiting the vpn access to some port and inspecting traffic with IPS. Some users have reported very slow performance only when using university resources through the VPN. All the test point out to the cisco vpn client 4.8 we use on windows XP. The only way to improve speed was to optimize windows XP TCP/IP stack with http://www.speedguide.net/files/TCPOptimizer.exe in the user`s pc.

This doesn`t seem to be MTU related issue since we varied this parameter during test with the user who was having problem.

Let me know off line if you had that kind of complaint from user.

Christian Héroux

Bacc Ing. ÉTS, M. Ing. Poly, étudiant MBA HEC, Ing jr.

Analyste de l'informatique

(Sécurité réseau & Télécom)

Section systèmes, infrastructures et télécommunications

École de Technologie Supérieure

1100 rue Notre-Dame ouest

Montréal, Québec

H3C 1K3

Tél : 396-8800 (7863)

"Network design is 50 percent technology, 50 percent diplomacy, 50 percent magic"


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]