I have just setup a site to site VPN and have concerns about the throughput.
It is a hub and spoke topoligy with a ASA 5510 at the hub with a speed of 8Mb each way. Out on the spoke ADSL 857 routers with a download of 10Mb and 1Mb up. But the download speed over the VPN is only about 1.5 - 2Mb.
I have tested with the dreded PPTP VPN and get 8Mb download from the hub.
Checking the CPU of the router it not getting much higher than 10%.
I have adjusted mss on the dialer interface of the 857 to try and limit fragmentation.
ip tcp adjust-mss 1380
I think the ASA has these settings as standard.
The VPN is using AES128 SHA DH5 with perfect forward secrecy.
From the specs that I have seen the 857 should be able to do at least 8Mb through put with AES.
See table 3 on page 9 of the attached doc.
I am I expecting too much from it, should I have gone with a 877? Is there something else I can do to trouble shoot or tweak?