cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3306
Views
0
Helpful
4
Replies

Site-to-Site VPN Between Two FTD 2130's Running Slow

Nick61818
Level 1
Level 1

Hello, I have a S2S VPN set up between our 2130's and we seem to be having some serious speed constraints over one of the tunnels.  I read in another post somewhere that the FTD's may have a speed per SA limit, but I have not been able to find any official documentation on that.  Does anyone know if that is in fact true?  We have 1Gbps links on both sides, but the most we have ever been able to get through the tunnel is around 40MB/s.  Our monitoring of the ISP links directly show that they are not over utilized, so we are puzzled as to what is going on.  Currently we are seeing speeds with file transfers between two SANs over this tunnel in only the 5-10MB/s range, which is seriously hurting our replication times.  Any pointers or places to start troubleshooting would be very helpful!

4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

Thanks BB, that was actually the thread that started me down this path.  I understand what they are talking about there with splitting the SA's, but we are looking for any sort of official doc that states that limit is actually the case.

 

Also, even if that was the case, we are not even getting close to the 200-300Mbps limits that talks about currently, so we may have more than just that going on.

Hi,

 

did you find any solution for this?

 

Best Regards

@Nick61818 

 

This is the closest to what you are looking for

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp25274/?rfs=iqvred

 

Please be aware of
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk34648

Make sure you are running 6.2.3.6 and above.


Additionally, please test with IKEv2 as well as I have seen better performance in some scenarios using IKEv2.

 

Thank you,

Dinesh Moudgil

 

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
Review Cisco Networking for a $25 gift card