Hi, I am using an EdgeMAX router; the model is the EdgeRouter PoE 5-port.
When I configure L2TP VPN and connect over the VPN from a MacBook or an iPhone,
the Internet is very slow.
After checking, I found that I was experiencing intermittent ping loss.
When I sent 100 pings, more than half were lost. The loss is severe enough that the connection is unusable.
I do not know the cause: whether the EdgeMAX router's specifications are insufficient or whether there is a problem with the configuration.
Here are my entire settings.
firmware version: 1.9.0
-----------------------------------------------------------------------------------------------------------------------------------
eos@eosnet:~$ show configuration
/* Firewall section: global options plus two named rule sets, WAN_IN and WAN_LOCAL. */
/* Both rule sets are attached to eth0 (WAN) in the interfaces section: WAN_IN as "in", WAN_LOCAL as "local". */
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
/* NOTE(review): default-action is accept here, while WAN_LOCAL uses drop. */
/* As shown, rule 3 has no state block, so it appears to drop every packet rule 1 did not accept and the accept default is never reached. */
/* A drop default would make the intent explicit and would not depend on rule 3 staying in place. */
name WAN_IN {
default-action accept
description ""
enable-default-log
rule 1 {
action accept
description "allow established sessions"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
/* NOTE(review): the description says "drop invalid state", but no state match (invalid enable) is shown on this rule; as written it matches protocol all. */
rule 3 {
action drop
description "drop invalid state"
log disable
protocol all
}
}
/* WAN_LOCAL filters traffic addressed to the router itself; unmatched packets are dropped and logged. */
name WAN_LOCAL {
default-action drop
description ""
enable-default-log
rule 10 {
action accept
description "allow established sessions"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
/* NOTE(review): router SSH is accepted from the WAN on port 10022; the source block is empty, so no source-address restriction is shown. */
/* A non-default port is not an access control; consider restricting the source or reaching SSH over the VPN only. */
rule 20 {
action accept
description "EdgeMAX SSH"
destination {
port 10022
}
log enable
protocol tcp
source {
}
}
/* NOTE(review): the router's management GUI (service gui https-port 10443) is accepted from the WAN with no source restriction. */
/* protocol is tcp_udp although the rule is described as HTTPS; tcp alone would presumably suffice. */
rule 30 {
action accept
description "EdgeMAX HTTPS"
destination {
port 10443
}
log enable
protocol tcp_udp
}
/* NOTE(review): rules 40 and 50 open PPTP (TCP 1723 and GRE), but the vpn section in this output configures only L2TP. */
/* If PPTP is not in use, these two accepts are unnecessary exposure; rule 50 accepts all GRE with no further match. */
rule 40 {
action accept
description "Allow PPTP Port 1723"
destination {
port 1723
}
log enable
protocol tcp
}
rule 50 {
action accept
description "Allow PPTP GRE"
log enable
protocol gre
}
/* Rules 60-90 admit the L2TP/IPsec remote-access VPN: IKE (UDP 500), L2TP (UDP 1701), ESP (protocol 50), NAT-T (UDP 4500). */
rule 60 {
action accept
description "Allow IKE for Remote VPN Server"
destination {
port 500
}
log disable
protocol udp
}
/* NOTE(review): this accepts UDP 1701 whether or not the packet arrived inside IPsec. */
/* Adding an "ipsec match-ipsec" condition to this rule would limit it to IPsec-protected L2TP. */
rule 70 {
action accept
description "Allow L2TP for Remote VPN Server"
destination {
port 1701
}
log disable
protocol udp
}
rule 80 {
action accept
description "Allow ESP for Remote VPN Server"
destination {
}
log disable
protocol 50
}
rule 90 {
action accept
description "Allow NAT-T for Remote VPN Server"
destination {
port 4500
}
log disable
protocol udp
}
/* NOTE(review): like WAN_IN rule 3, no state match is shown, so this drops everything not accepted above. */
/* That duplicates default-action drop, and with log disable it bypasses enable-default-log for those packets. */
rule 100 {
action drop
description "drop invalid state"
log disable
protocol all
}
}
receive-redirects disable
send-redirects enable
/* NOTE(review): source-validation disable presumably means no reverse-path check on incoming source addresses; confirm this is intended. */
source-validation disable
syn-cookies enable
}
/* Interfaces: eth0 is the WAN (DHCP address); eth1 and eth2 are LAN ports, each carrying three /24 addresses. */
interfaces {
/* eth0 is the only interface with firewall rule sets attached: WAN_IN for forwarded traffic, WAN_LOCAL for traffic to the router. */
ethernet eth0 {
address dhcp
description WAN
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
/* NOTE(review): no firewall rule set is attached to eth1 or eth2, and zone-policy is empty. */
/* As shown, nothing filters traffic between the six LAN subnets, or from VPN clients, which receive addresses in 192.168.0.0/24. */
ethernet eth1 {
address 192.168.0.1/24
address 192.168.10.1/24
address 10.0.0.1/24
description LAN1
duplex auto
poe {
output off
}
speed auto
}
ethernet eth2 {
address 192.168.20.1/24
address 192.168.30.1/24
address 192.168.40.1/24
description LAN2
duplex auto
speed auto
}
loopback lo {
}
}
/* Both sections are empty: no load-balancing groups and no routing policy are configured. */
load-balance {
}
policy {
}
/* Port forwarding from the WAN (eth0) to hosts in 192.168.0.0/24; 35 rules are defined. */
/* auto-firewall enable presumably makes the router generate the matching accept rules, which would explain why WAN_IN lists no per-port accepts; confirm. */
/* NOTE(review): no source restriction appears on any rule, so every forward below is reachable from any Internet address. */
/* Several targets are management planes: iLO (rules 15-17, 28), ESXi (18, 30, 33-35), vCenter (32), RDP (4, 29), VNC (25). */
/* Remapping to a high external port does not limit who can connect. */
/* The L2TP VPN configured in the vpn section could carry this administrative access instead of publishing it. */
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface eth1
lan-interface eth2
rule 1 {
description "FreeNAS SSH"
forward-to {
address 192.168.0.211
port 22
}
original-port 21122
protocol tcp
}
rule 2 {
description "xpnas https"
forward-to {
address 192.168.0.183
port 15001
}
original-port 15001
protocol tcp
}
/* NOTE(review): described as plain http; any login sent over this forward would cross the Internet unencrypted. */
rule 3 {
description "xpnas http"
forward-to {
address 192.168.0.183
port 15000
}
original-port 15000
protocol tcp
}
/* NOTE(review): RDP published directly to the WAN (also rule 29). */
rule 4 {
description "w2012r2 RDP"
forward-to {
address 192.168.0.222
port 3389
}
original-port 33389
protocol tcp
}
/* NOTE(review): file-sharing and storage protocols (AFP here, FTP in rules 6, 8 and 20, iSCSI in rule 7) are published to the WAN. */
/* These rules use tcp_udp; forwarding UDP as well is presumably unnecessary for them. */
rule 5 {
description "FreeNAS AFP"
forward-to {
address 192.168.0.211
port 548
}
original-port 548
protocol tcp_udp
}
rule 6 {
description "FreeNAS FTP"
forward-to {
address 192.168.0.211
port 21
}
original-port 21121
protocol tcp_udp
}
rule 7 {
description "FreeNAS iSCSI MB"
forward-to {
address 192.168.0.211
port 3262
}
original-port 3262
protocol tcp_udp
}
rule 8 {
description "xpnas ftp"
forward-to {
address 192.168.0.183
port 21
}
original-port 18321
protocol tcp_udp
}
rule 9 {
description "xpnas p2p 1"
forward-to {
address 192.168.0.183
port 16881
}
original-port 16881
protocol tcp
}
rule 10 {
description "xpnas p2p 2"
forward-to {
address 192.168.0.183
port 6881
}
original-port 6881
protocol tcp
}
rule 11 {
description "ubuntu ssh"
forward-to {
address 192.168.0.217
port 22
}
original-port 21722
protocol tcp
}
rule 12 {
description "ubuntu owncloud"
forward-to {
address 192.168.0.217
port 443
}
original-port 17443
protocol tcp_udp
}
rule 13 {
description "solaris ssh"
forward-to {
address 192.168.0.221
port 22
}
original-port 22122
protocol tcp
}
rule 14 {
description "freebsd ssh"
forward-to {
address 192.168.0.225
port 22
}
original-port 22522
protocol tcp
}
/* NOTE(review): rules 15-17 and 28 publish the iLO4 management controller at 192.168.0.199 (HTTPS, remote console, SSH). */
/* Access to a management controller is normally kept on an isolated network or behind the VPN. */
rule 15 {
description "ILO4 HTTPS"
forward-to {
address 192.168.0.199
port 443
}
original-port 19443
protocol tcp
}
rule 16 {
description "ILO4 Console Replay"
forward-to {
address 192.168.0.199
port 17990
}
original-port 17990
protocol tcp
}
rule 17 {
description "ILO4 Shared Remote Console"
forward-to {
address 192.168.0.199
port 9300
}
original-port 9300
protocol tcp
}
/* NOTE(review): hypervisor management is published: ESXi SSH here and in rule 30, ESXi HTTPS in rules 33-34, port 902 in rule 35. */
rule 18 {
description "ESXi1 SSH"
forward-to {
address 192.168.0.201
port 22
}
original-port 20122
protocol tcp
}
rule 19 {
description "ubuntu lego ssh"
forward-to {
address 192.168.0.218
port 22
}
original-port 21822
protocol tcp
}
rule 20 {
description "ubuntu lego ftp"
forward-to {
address 192.168.0.218
port 21
}
original-port 21821
protocol tcp_udp
}
rule 21 {
description "ubuntu xe"
forward-to {
address 192.168.0.218
port 28086
}
original-port 28086
protocol tcp
}
rule 22 {
description "xpnas cloudstation"
forward-to {
address 192.168.0.183
port 6690
}
original-port 15005
protocol tcp
}
rule 23 {
description "FreeNAS WebDAV"
forward-to {
address 192.168.0.211
port 28090
}
original-port 28090
protocol tcp
}
rule 24 {
description "centos 7"
forward-to {
address 192.168.0.215
port 22
}
original-port 21522
protocol tcp
}
/* NOTE(review): VNC published to the WAN; the description says "solaris 11.3" but the target is .221, while rule 26 uses .220 for the same description. */
rule 25 {
description "solaris 11.3 vnc"
forward-to {
address 192.168.0.221
port 5900
}
original-port 25900
protocol tcp_udp
}
rule 26 {
description "solaris 11.3 ssh"
forward-to {
address 192.168.0.220
port 22
}
original-port 22022
protocol tcp
}
rule 27 {
description "centos7 http"
forward-to {
address 192.168.0.215
port 80
}
original-port 21580
protocol tcp
}
rule 28 {
description "gen8 ilo4 ssh"
forward-to {
address 192.168.0.199
port 22
}
original-port 19922
protocol tcp
}
rule 29 {
description "win server 2016"
forward-to {
address 192.168.0.228
port 3389
}
original-port 43389
protocol tcp
}
rule 30 {
description "ESXi2 SSH"
forward-to {
address 192.168.0.202
port 22
}
original-port 20222
protocol tcp
}
rule 31 {
description "FreeBSD11 ssh"
forward-to {
address 192.168.0.226
port 22
}
original-port 22622
protocol tcp
}
/* NOTE(review): "vcsa6 https" publishes what appears to be the vCenter management interface to the WAN. */
rule 32 {
description "vcsa6 https"
forward-to {
address 192.168.0.230
port 443
}
original-port 23043
protocol tcp
}
rule 33 {
description "ESXi2 https"
forward-to {
address 192.168.0.202
port 443
}
original-port 20243
protocol tcp
}
rule 34 {
description "ESXi1 https"
forward-to {
address 192.168.0.201
port 443
}
original-port 20143
protocol tcp
}
rule 35 {
description "ESXI2 902"
forward-to {
address 192.168.0.202
port 902
}
original-port 902
protocol tcp_udp
}
wan-interface eth0
}
/* No static routes or routing protocols are configured. */
protocols {
static {
}
}
/* Router services: DHCP server (four shared networks), management GUI, source NAT and SSH. */
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name eosnet {
authoritative disable
subnet 192.168.0.1/24 {
default-router 192.168.0.1
dns-server 168.126.63.1
dns-server 168.126.63.2
domain-name ohnetworks.local
lease 86400
/* The DHCP range .10-.100 does not overlap the L2TP client-ip-pool (.120-.129) defined in the vpn section. */
start 192.168.0.10 {
stop 192.168.0.100
}
}
}
shared-network-name eosnet-subnet {
subnet 10.0.0.0/24 {
default-router 10.0.0.1
dns-server 168.126.63.1
dns-server 168.126.63.2
start 10.0.0.10 {
stop 10.0.0.99
}
}
}
/* NOTE(review): 192.168.100.0/24 is not assigned to any interface in this output; presumably a leftover scope. Confirm. */
shared-network-name eosvpn {
authoritative disable
subnet 192.168.100.0/24 {
default-router 192.168.100.1
dns-server 168.126.63.1
dns-server 168.126.63.2
lease 86400
start 192.168.100.2 {
stop 192.168.100.254
}
}
}
shared-network-name eosworks {
authoritative disable
subnet 192.168.20.0/24 {
default-router 192.168.20.1
dns-server 168.126.63.1
dns-server 168.126.63.2
lease 86400
start 192.168.20.2 {
stop 192.168.20.254
}
}
}
use-dnsmasq disable
}
/* NOTE(review): older-ciphers enable presumably allows legacy TLS cipher suites on the management GUI. */
/* WAN_LOCAL rule 30 accepts the GUI's https-port 10443 from the WAN, so disabling older ciphers is worth considering. */
gui {
http-port 80
https-port 10443
older-ciphers enable
}
/* Source NAT: all traffic leaving eth0 is masqueraded to the WAN address. */
nat {
rule 5000 {
description PAT
log disable
outbound-interface eth0
protocol all
type masquerade
}
}
/* SSH listens on 10022 (protocol v2 only); WAN_LOCAL rule 20 accepts this port from the WAN. */
ssh {
port 10022
protocol-version v2
}
}
/* System settings: default gateway, hostname, login accounts, DNS, NTP, package repositories, syslog, time zone, traffic analysis. */
system {
/* NOTE(review): a private gateway address alongside a DHCP WAN suggests the router sits behind another NAT device. */
/* Presumably relevant to the IPsec NAT-T path for the VPN; confirm. */
gateway-address 192.168.1.1
host-name eosnet
login {
/* The name "eos" is also the only L2TP local user in the vpn section; keeping VPN and admin credentials distinct limits the impact of a leak. */
user eos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
full-name eos
level admin
}
/* NOTE(review): "ubnt" is the factory-default account name on EdgeOS, and it holds admin level here. */
/* With SSH and the GUI both accepted from the WAN, confirm its password was changed, or remove the account. */
user ubnt {
authentication {
encrypted-password ****************
plaintext-password ****************
}
full-name ubnt
level admin
}
}
name-server 168.126.63.1
name-server 168.126.63.2
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
/* NOTE(review): both repositories point at Debian squeeze, which no longer receives security updates, and are fetched over plain http. */
/* Packages installed from them will not be patched; prefer vendor firmware updates over third-party packages on the router. */
package {
repository squeeze {
components "main contrib non-free"
distribution squeeze
password ****************
url http://http.us.debian.org/debian
username ""
}
repository squeeze-security {
components main
distribution squeeze/updates
password ****************
url http://security.debian.org
username ""
}
}
/* Logging is local only as shown (no remote host entry); firewall log lines from the WAN rule sets stay on the router. */
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone Asia/Seoul
traffic-analysis {
dpi enable
export enable
}
}
/* No QoS or traffic-shaping policy is configured. */
traffic-policy {
}
/* VPN: L2TP-over-IPsec remote access with local user authentication and a pre-shared secret. */
vpn {
ipsec {
auto-firewall-nat-exclude enable
}
l2tp {
remote-access {
/* One local VPN user is defined; its name matches the admin login "eos" in the system section. */
authentication {
local-users {
username eos {
password ****************
}
}
mode local
}
/* VPN clients get addresses inside the eth1 LAN subnet 192.168.0.0/24, the same subnet as the port-forwarded servers. */
/* A connected client therefore sits directly on the server LAN; no interface firewall or zone-policy separates them as shown. */
client-ip-pool {
start 192.168.0.120
stop 192.168.0.129
}
/* The L2TP server binds to whatever address eth0 obtains by DHCP. */
dhcp-interface eth0
dns-servers {
server-1 168.126.63.1
server-2 168.126.63.2
}
/* NOTE(review): pre-shared-secret mode means every client shares one IPsec secret. */
/* Rotate it if a device is lost, and keep it long and random, since IKE (UDP 500/4500) is reachable from the WAN. */
ipsec-settings {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
ike-lifetime 3600
}
/* NOTE(review): L2TP over IPsec adds encapsulation overhead, so a tunnel MTU of 1492 is likely larger than the path can carry without fragmentation. */
/* Given the reported slowness and ping loss, a lower value is worth testing. TODO confirm against the WAN path MTU. */
mtu 1492
}
}
}
/* No zone-based firewall is configured; filtering relies only on the rule sets attached to eth0 in the interfaces section. */
zone-policy {
}
-------------------------------------------------------------------------------------------------------------------------------------