We have 3 VPN tunnels running between 3 sites, two with an ASA-5506, one with an ASA-5505 (although the problem is similar between the different models). Despite our internet connections maxing at 400Mbps, and interoffice transfers at reasonable (Windows) speeds, intersite transfers max out at 20Mbps.
I have read a lot on these community boards in my attempts to fix the issue. My attempts have involved:
Changing the MTU on the Interface (values from 1400-1500)
Chainging the IKEv2 Fragmentation settings
Enable & Disable Fragmentation
Setting Fragmentation MTU (values between 1380-1460)
Changing the IPSec Prefragmentation Policies settings:
Changing the DF-Bit Policy between Clear & Copy
No combination of these has resulted in a speed increase. I'm happy to provide more configs. I mainly use the ASDM to configure these but I can do some CLI if needed.
I'm sure I'm missing something, please help me to find out what!
Stealthwatch Enterprise can be leveraged to monitor vulnerable devices, and alert on potential exploitation by bad actors looking to exploit Ripple20 and other potential vulnerabilities.
Note that the concepts and procedures outlined here can be used for...
The following is useful to those entities interested in monitoring appropriate usage of Cisco WebEx resources within their environments, as well as those interested in tracking additional metrics around usage of the WebEx service.
The relevant supporting...
I'm using AMP, and when I activated the SecureX Ribbon, I mistakenly used the wrong account to connect to SecureX. Now my SecureX Ribbon is connected to the wrong account. How do I fix it?
You can clear the SecureX Authorizatio...
I'm using Umbrella, and when I activated the Ribbon, I mistakenly used the wrong account to connect to SecureX. Now my SecureX Ribbon is connected to the wrong account. How do I fix it?
You can clear the SecureX Authorization for t...
Hi, I saw certain endpoint running state is Unauthorized, UZ. Therefore I check in ISE found some details which I not sure related to endpoint being UZ or not , which is Invalid username or password under context endpoint. I do see the cert...