We are now in the installation phase of a municipal project with an eFive 25 and 7 Cosy 131 VPN routers connected from around the town but we are having major communication issues over the VPN tunnels to the point that we can’t even get a full series of ping requests to come back all positive; usually its 50% or 75% loss.
All 7 tunnels are up and running from the Cosy 131s to the eFive 25.
I can access web config pages from all 7 Cosy 131s by the WAN IP.
WAN IP pings are 100% and response seems good.
1:1 NAT over VPN is configured on each Cosy 131 for at least a PLC and usually a PLC and HMI.
When connected to an engineering system on the local control network and attempting to ping the local IP addresses of the Cosy 131s, the PLCs and HMIs; ping replies always fail either 50% or 75% of the time but there is almost always 1 successful reply with what seems like more latency then there should be (800 to 1200ms typical). We are also seeing issues establishing connections from the PLC programming software (not my department so can’t provide much more info on that at the time).
I have been over this configuration numerous times and everything appears to be configured as it should be but obviously something has to be off because it just isn’t working. There isn’t a lot of information on all these parameters and the eFive setup is pretty screwy with the backdoor FTP configuration method that has to be done so I feel like I have to just be missing something in the parameters but I have spent hours tonight going over things and nothing is improving the situation.
Are their any specific parameters I can check? Why can’t I even get 100% successful pings through a single tunnel?
One other note is this town has their own municipal cable system and it isn’t very good - our local speed tests are maxing out at 3MB down and 1MB up. Does this seem like it would be an issue?