Hello everyone.
I'm trying to use L2TP/IPSec on a Cisco ASA 5505 as LNS and the Win 10 native L2TP client as LNC. The main goal is to connect Win10 to the ASA and then forward traffic to the Internet. The L2TP/IPSec connection between Win10 and the ASA establishes successfully, but RTT is too high, and a few minutes (or maybe about 2 MB of traffic) after connecting I can't get access to the Internet from Win10 at all. I changed MTU = 1400 and MSS = 1300, but the issue still hasn't been resolved.
I was pinging 8.8.8.8 from Win10 through the tunnel (because the tunnel interface is the default gateway) and saw the following results:
- Ping when the connection has just been established (RTT is high, but it's not as strange as the next ones)
- When I downloaded a webpage I saw 3 or 4 ping packets dropped
- After a couple of webpages all ping packets were dropped, but the tunnel was still alive.
The topology looks something like this:
Radius Server <==> Internet
Cisco ASA5505 (Outside DHCP local address) <==> ZyXEL router (NAT global address) <==> Internet
Win10 <==> Internet
The ZyXEL router does NAT on ports 500, 4500, 1701 to the ASA address.
I don't have any idea where the problem is or how to troubleshoot it. When I decided to make this post I thought I could download ping and topology pictures here, but unfortunately I can't. :( Sorry for my English. I really need help with this. Thanks for your replies.