Hello all, hoping someone can give a quick bit of advice...
I have 20 dispersed sites each with 5Mb leased lines, and a central hub site with a 100Mb uplink to a top tier service provider. All of the remote sites talk to each other through the hub. This is essentially just 20 L2L connections with hairpinning enabled on the outside int of the hub site.
The hub can talk to all sites at 5Mb (upload and download to those sites at 500KB/s), and with a direct tunnel between any 2 of them I get the full 5Mb, but going via the hub site the maximum transfer speed I can achieve is only 100KB/s.
Is this to be expected with the additional encaps/decaps and encrypts/decrypts that going over the 2nd tunnel to reach the destination brings? Or does it sound as though things aren't quite functioning correctly?
All performance figures on the hub firewall look absolutely fine, pretty constant 20% cpu usage and 50% mem usage, no unusual interface statistics etc. All firewalls are ASA5520.
Any thought or suggestion would be greatly appreciated.