1100AHx2 - preferred IPsec config (hw encryption)
Posted: Wed Aug 27, 2014 12:19 pm
What is the preferred way to setup ipsec tunnel between two 1100AHx2 to make use of the build in hardware encryption?
I've tried quite a few combinations of settings, and never really got the expected throughput over the tunnel. I'm currently running peer with 3des/md5/modp1024 and policy at aes-128/sha1/noPFS and get just 25Mbit/s throughput. Without ipsec I get 51Mbit between the same routers.
Is there anything regarding packetsize I would need to change?
I've tried quite a few combinations of settings, and never really got the expected throughput over the tunnel. I'm currently running peer with 3des/md5/modp1024 and policy at aes-128/sha1/noPFS and get just 25Mbit/s throughput. Without ipsec I get 51Mbit between the same routers.
Is there anything regarding packetsize I would need to change?