I have a client that is attempting to both firewall, and VPN (remote access and site to site) functions on a single 5510 unit. They seem to have problem when the Internet bandwidth becomes congested and the remote access VPN user suffer badly from packet loss. It gets to the point that remote access VPN clients have applications hang on them. While I do expect to have some packet loss and slow down when the Internet connection gets saturated it seems to be more severe on the VPN then the firewall traffic.
The other issue is that the client has a VPN 3000 sitting in parallel with the ASA and they plan to migrate users from it to the ASA but they believe something is wrong with the ASA. The VPN 3000 is connected to the same Internet connection and when the link becomes saturated the remote access users do not experience the same level of packet loss / slow downs / or application hanging on them.
Anyone else seen anything like this?