VPN IP Routing – slow connections

local-area-networkpptpsite-to-site-vpnvpn

UPDATE: Router error logs show:

LCP Time-out 0

I'm not sure how to correct this. The Lan-to-Lan profiles are set to -1 Idle Timeout (for the remote branch).

I have a PPTP VPN running between two Draytek 2820 routers. They are setup that one dials out to the other one.

Main Practice - 192.168.1.0/24
Branch        - 192.168.3.0/24

I have then set (on the Branch) router the following route:

192.168.1.0/24

If I then request a server running on 192.168.1.1 from the Branch, it correctly routes through VPN tunnel. If I request the branch server at 192.168.3.1 it correctly routes to the local server without using the VPN tunnel.

I have temporarily disabled the firewall on both routers, and made sure that QoS is disabled.

The Main Practice internet connection is ~30mb down / ~10mb up, and the Branch connection is ~5mb down / ~2mb up.

Anything over the VPN tunnel runs pretty slowly (VNC, Remote Desktop and Terminal Emulators). However, if I dial using the Windows VPN wizard, creating a connection from the laptop to the Main Practice – everything runs quickly.

I'm looking for possible causes, and/or ways of further diagnosing the issue. Any help would be greatly appreciated!

UPDATE: In summary, when I connect within the Branch and try and access a host that's within the Main Practice it works, but slowly. If I then dial the VPN on my Windows 7 laptop whilst still connected to the Branch network, it's fast.

Main Practice
Main Practice
Branch Practice
Branch Practice

Routing Table from Branch Router

Key: C - connected, S - static, R - RIP, * - default, ~ - private
*            0.0.0.0/ 0.0.0.0          via 126.256.126.103   WAN2
C~      192.168.1.99/ 255.255.255.255  directly connected   VPN-1
S~       192.168.1.0/ 255.255.255.0    via 192.168.1.99     VPN-1
S~       192.168.2.0/ 255.255.255.0    via 192.168.1.99     VPN-1
C~       192.168.3.0/ 255.255.255.0    directly connected    LAN2
C    126.256.126.103/ 255.255.255.224  directly connected    WAN2

Routing Table from Main Practice

Key: C - connected, S - static, R - RIP, * - default, ~ - private
*             0.0.0.0/         0.0.0.0 via 81.139.64.1,   WAN2
S        81.137.176.1/ 255.255.255.255 via 81.137.176.1,   WAN2
*         81.139.64.1/ 255.255.255.255 via 81.139.64.1,   WAN2
C~      192.168.1.204/ 255.255.255.255 is directly connected,    VPN
C~        192.168.1.0/   255.255.255.0 is directly connected,    LAN
S~        192.168.2.0/   255.255.255.0 via 192.168.1.204,    VPN
S~        192.168.3.0/   255.255.255.0 via 192.168.1.203,    VPN

Connection Details (from Branch Router)

Connection details from Branch Router

Connection Details (from Main Practice Router)

Connection details from Main Practice Router

IPERF.exe Output
IPERF.exe output

If it helps, here is the output from the IPERF.exe server

IPERF.exe server

Best Answer

Your VPN connection uses MPPE encryption, but according to router's page http://www.draytek.co.uk/products/vigor2830.html - MPPE have no hardware support. Try to setup something else as encryption protocol (AES/DES/3DES). IMHO it is available only with L2TP protocol.

Related Topic