Q1: The expected bandwidth after establishing an IPsec tunnel can vary depending on several factors, including the capabilities of the devices involved, the configuration of the tunnel, and the network conditions. In general, the IPsec tunnel introduces some overhead due to encryption and encapsulation, which can result in a slight decrease in the actual bandwidth compared to the bandwidth received from the ISP. It is common to see a decrease of around 5-10% in the actual bandwidth compared to the ISP's provided bandwidth.
Q2: To achieve 6 Gbps throughput over an IPsec tunnel, there are several prerequisites. You would need:
i). ISP bandwidth must be more than 6 Gbps.
ii) The platform (router/firewall) must support IPsec throughput of 6Gbps. For instance, a Cisco ASR 1000 Series router with a high-performance ESP that supports at least 6 Gbps of throughput could meet your requirements. You should select a router model that can accommodate the chosen ESP and configure it accordingly to maximize performance.
iii) Ensure sufficient memory, power supply, and other resources based on the specific requirements of your network environment.
Please note that achieving the desired throughput also depends on other factors such as network congestion, latency, and the overall performance of the network infrastructure.
This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.