Hi,
We have a XG2300 with a 500/500 WAN. At home I have a run-of-the-mill 70/70 FiOS (or thereabouts)
I connect to a file sharing site hosted at my office and I get, on average, 60-70mbs when downloading s file via our public IP address.
I jump on our IPSEC Remote Access VPN and is drops to barely 30mbs when downloading the same file, now from the private LAN address through the VPN.
I understand I could just access it via our internet address with a split tunnel, but I did this deliberately as a test since I have some resources that can only be accessed through the VPN, are slow, and I wanted a way to compare VPN vs no-VPN to try too find the bottleneck.
I have disabled DoS checking and have no IPS or other filtering between the VPN and our LAN. I've tinkered with MTU with no significant difference.
The traffic isn't being blocked -- the file does download. Just slowly.
Three questions:
Is this normal? Is IPSEC expected to cut speeds in half?
Anything best-practices when it comes to IPSEC RA? I have it configured with the defaultremoteaccess ipsec profile. Client is Sophos Connect on a Mac.
Any way to download the logs and/or packet capture into a PCAP or text file I can post?
Thanks,
Jeff
This thread was automatically locked due to age.
