IPSEC Net-to-Net VPN to Azure

Having massive performance problems with Azure VPN.

I can do an IPerf3.exe session where it runs 80Mbs both ways, but when I try to copy a file it drops to 4Mbs. Did a capture and shows the following:

8688 0.0000008 10.0.0.10 192.168.50.20 1062438 - 1063766 5955 …A… 1025 1328 [ReTransmit #4851][Continuation to #8682] [Bad CheckSum]Flags=…A…, SrcPort=Microsoft-DS(445), DstPort=63496, PayloadLen=1328, Seq=1234546137 - 1234547465, Ack=2725474721, Win=1025

Lots of continuation issues and retransmit.

Has something to do with the MTU size I believe.

C:\Users\rtartar>ping -f -l 1370 -t 10.0.0.10

Pinging 10.0.0.10 with 1370 bytes of data:
Reply from 10.0.0.10: bytes=1370 time=61ms TTL=127
Reply from 10.0.0.10: bytes=1370 time=61ms TTL=127

Ping statistics for 10.0.0.10:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 61ms, Maximum = 61ms, Average = 61ms
Control-C
^C
C:\Users\rtartar>ping -f -l 1380 -t 10.0.0.10

Pinging 10.0.0.10 with 1380 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

Ping statistics for 10.0.0.10:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
Tried several things in the advance OVPN not sure any apply to the IPSEC settings.

Updated to latest version and recreated everything from scratch and it appears to have fixed the issue.

Thanks

1 Like

For some reason, I did an update trying pakfire and it failed and couldn’t find the kernel.

Did you reboot too early?

It told me that I need to reboot to finish the installation. I believe those were the terms in the web browser.

Hello,
What I need to config on the IPFire side to connect to Azure IPSec, please?
I’ve configured and status stay ‘ON-DEMAND’ but I have no answer to any access (rdp, ping, etc). The doors are open on azure server side.
Thanks in advanced.