We have 3 VPN tunnels running between 3 sites, two with an ASA-5506, one with an ASA-5505 (although the problem is similar between the different models). Despite our internet connections maxing at 400Mbps, and interoffice transfers at reasonable (Windows) speeds, intersite transfers max out at 20Mbps.
I have read a lot on these community boards in my attempts to fix the issue. My attempts have involved:
Changing the MTU on the Interface (values from 1400-1500)
Chainging the IKEv2 Fragmentation settings
Enable & Disable Fragmentation
Setting Fragmentation MTU (values between 1380-1460)
Changing the IPSec Prefragmentation Policies settings:
Changing the DF-Bit Policy between Clear & Copy
No combination of these has resulted in a speed increase. I'm happy to provide more configs. I mainly use the ASDM to configure these but I can do some CLI if needed.
I'm sure I'm missing something, please help me to find out what!
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...
Bonjour,Je cherche à acceder l'interface de management de l'ASA, depuis l'Anyconnect.Malegré que j'ai ajouté les ACLs necessaires, mais l'acces management ASA en SSH depuis le vpn nomade ne passse.Je me demande si on peut manager l'ASA en ssh ou autres pr...
I am involved in rolling out about 40 wifi networks using cisco 3602/2802 aps and cisco 5508 ISE. Our network offers a 2 step authentication with user and machine certificates as well as users needing to be in correct AD groups. The problem we have i...
August 13, 2020Custom Conflict Detected Polling IntervalCustom FTD Templates July 30, 2020Object OverridesImproved Network Group WizardJuly 9, 2020Customize the RA VPN and Events ViewsJuly 2, 2020SecureXCisco Security Analytics and Logging Event Downloads...
Dear Community, So, according to the Cisco ISE Release 2.7 Administrator Guide, it should be possible to use a remote lock/wipe on MDM-devices that connect through ISE on the network( see the screenshot in the attachment).The problem is that th...