Good Afternoon all,
We have a situation where we basically have a customer with 100/50 Mbs fiber at two locations and we are connecting the two sites via a IPSEC VPN. At one site we have a Cyberoam 35 (capable of 200 Mbs via VPN). When I have tried a Cyberoam at each end we have had no issues with getting almost fill bandwidth from the VPN.
When I replaced one end with a routerboard is where the issues started. So go the VPN up and passing traffic with no issues. The VPN is 3DES, SHA and DH2 (standard settings)...
The issue is that via the IPSEC VPN I can only get 1 to 2MBs (8 - 16 Mpbs) I have tried various things including disabling PFS and setting the MSS on the RB but same thing. I have tried 2 different RB's (951G and 2011) with the same issue. I can see the CPU goes high when I load the VPN up and the process driving it high is "encryption" ...
If I try the same file transfer not via the VPN, by a NAT (FTP transfer) I get around 5MBs or 40Mbs.
Any ideas??
Logical Solutions, NZ
http://www.logicalsolutions.co.nz