This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSEC Site-To-Site VPN Slow

Hi,

I have an strange issue, When I download a file from internet I get the maximum speed of my ADSL connection (13Mbit) But when I download from my remote site using a IPSEC tunnel i only get 2-4Mbit per stream.
If I download via multiple streams every stream get 2-4Mbit and I can get the maximum speed.

The CPU is never close to maxed. Only 1-2%.

I have Path MTU enabled and also ECN on both sites. I have tried without also but the same result.

Anyone got an idea on what could be the cause of this?

Best Regards
Frank


This thread was automatically locked due to age.
Parents
  • Your idea makes sense, Frank.  Can you get your reseller to submit a ticket to Sophos Support?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Your idea makes sense, Frank.  Can you get your reseller to submit a ticket to Sophos Support?

    Cheers - Bob


    Hi Bob,

    We are both home users [:$]

    We are evaluation it at work at the moment for the WAF support. It will if successful replace our TMG infrastructure as reverse proxy.
    But I don't think it's fair to contact them regarding this.

    Is there any other things I can check? If there are buffer issues then is there an way to see this?
    In my Cisco switches i can see it on the interfaces.

    Best Regards
    Frank
  • Try to reduce the MTU at the client drastically.

    Possible you got usable speed with MTU 1200.

    next try to send and receive data.

    Is one direction good/ok and the other poor ... possible a duplex-mismatch-problem.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • Try to reduce the MTU at the client drastically.

    Possible you got usable speed with MTU 1200.

    next try to send and receive data.

    Is one direction good/ok and the other poor ... possible a duplex-mismatch-problem.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data