11-22-2024 01:27 AM
We use an FTD 2110 HA cluster managed by FMC. We have SSL Remote Access VPN running with about 600 dialed-in users. Now we randomly experience bad performance on clients and also see that Data path CPU is always up to 75% and above. From the FTD Datasheet we know that the TLS limit (we use DTLS for SSL VPN) is 365 Mbits. Is there a way to check/measure the current TLS performance on an FTD?
11-22-2024 04:28 AM
On the FTD CLI, use show vpn-sessiondb ra-ikev2 to monitor active sessions, and check throughput for SSL VPN users.
Use show vpn load-balancer (if configured) to see the load across the cluster.
Check for any TLS flows: show asp table socket
Check Data Path CPU utilization: show cpu detailed
Upgrade to a higher model if your use case consistently approaches or exceeds 365 Mbps.
Open a TAC case with Cisco to review your configuration and hardware utilization.
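An added example (not part of any post in this thread, and not Cisco code): one way to turn two captures of the per-session byte counters into an aggregate rate that can be compared with the 365 Mbps figure. The `Username` / `Bytes Tx` / `Bytes Rx` layout of the session listing is an assumption, and both snapshots are constructed sample data.

```python
import re

TLS_LIMIT_MBPS = 365  # TLS figure quoted in the thread
# Assumed field layout of the session listing; adapt the patterns to real output.
USER_RE = re.compile(r"^Username\s*:\s*(\S+)", re.M)
BYTES_RE = re.compile(r"Bytes Tx\s*:\s*(\d+)\s+Bytes Rx\s*:\s*(\d+)")

# Constructed sample data: two captures taken 10 seconds apart.
SNAPSHOT_1 = """\
Username     : alice
Bytes Tx     : 1000000      Bytes Rx     : 500000
Username     : bob
Bytes Tx     : 4000000      Bytes Rx     : 2000000
"""
SNAPSHOT_2 = """\
Username     : alice
Bytes Tx     : 151000000    Bytes Rx     : 75500000
Username     : bob
Bytes Tx     : 200000       Bytes Rx     : 100000
Username     : carol
Bytes Tx     : 40000000     Bytes Rx     : 9700000
"""


def parse_session_bytes(text):
    """Return {username: Tx + Rx bytes}; the text is cut at each Username line."""
    totals = {}
    starts = [m.start() for m in USER_RE.finditer(text)] + [len(text)]
    for begin, end in zip(starts, starts[1:]):
        block = text[begin:end]
        counters = BYTES_RE.search(block)
        if counters:
            user = USER_RE.match(block).group(1)
            totals[user] = totals.get(user, 0) + sum(map(int, counters.groups()))
    return totals


def aggregate_mbps(first, second, interval_s):
    """Aggregate VPN throughput in Mbit/s between two parsed snapshots."""
    delta = 0
    for user, now in second.items():
        before = first.get(user, 0)  # 0: session began after the first capture
        # A lower counter means the user reconnected and counting restarted.
        delta += now - before if now >= before else now
    return delta * 8 / interval_s / 1_000_000


if __name__ == "__main__":
    mbps = aggregate_mbps(parse_session_bytes(SNAPSHOT_1), parse_session_bytes(SNAPSHOT_2), 10)
    print(f"{mbps:.1f} Mbit/s = {mbps / TLS_LIMIT_MBPS:.0%} of {TLS_LIMIT_MBPS}")
```

Take the two captures a known number of seconds apart; a longer interval smooths out short bursts.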
11-22-2024 05:21 AM
How can I find out that the FTD exceeds the 365 Mbps of TLS?