Weird ASA Behaviour

Unanswered Question
Aug 5th, 2008

Hi Guys,

Got a real funny one here. I have been having speed issues with a site-to-site VPN for the last few weeks. We own the core of which the traffic is traversing.

Our developers noticed that data trasfer speeds were about 2-3 Mbps across the IPSEC VPN.

At both ends of the VPN sits two ASAs in A/S Failover. So, 4 ASA's in total.

By accident i noticed when troubleshooting this, that when i reload the primary of one pair the speed increases to 20 Mbps. At this stage the failover state on this end of the VPN moves from


This host: Primary - Active (ASA1)

This host: Secondary - Standby (ASA2)

---to ---


This host: Secondary - Active (ASA1)

This host: Primary - Standby (ASA2)

I'm not sure why i cannot get up to 100 Mbps on this VPN.

All ASAs carry 8.03 IOS

Please help.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Farrukh Haroon Wed, 08/06/2008 - 02:21

Have you looked at MTU/Fragmentation issues?

Try turning of the unncessary inspections (like netbios etc.)




This Discussion